Lucene search
K

1594 matches found

NVD
NVD
added 2026/06/25 5:16 a.m.11 views

CVE-2026-5309

GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user to read or modify another group's virtual registry cleanup policy settings without...

5.4CVSS0.00171EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 5:16 a.m.9 views

CVE-2026-3176

GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with limited permissions to access project information due to insufficient authorization...

3.1CVSS0.00182EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 5:16 a.m.8 views

CVE-2026-12635

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.3 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with maintainer-role permissions to make requests to internal network resources through...

3.1CVSS0.00153EPSS
Exploits0References2
NVD
NVD
added 2026/06/25 5:16 a.m.9 views

CVE-2026-10086

GitLab has remediated an issue in GitLab EE affecting all versions from 16.4 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with developer-role permissions to execute arbitrary client-side code in the context of...

8.7CVSS0.00231EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 5:16 a.m.8 views

CVE-2026-12053

GitLab has remediated an issue in GitLab EE affecting all versions from 19.1 before 19.1.1 that under certain conditions could have allowed a user to access sensitive information that had already been committed to a project, due to insufficient output filtering in Duo Workflows...

8.6CVSS0.00328EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 5:16 a.m.6 views

CVE-2026-11379

GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 prior to 18.11.6, 19.0 prior to 19.0.3, and 19.1 prior to 19.1.1 in which incorrect authorization in DAST site profile management could allow a user with Developer role to exfiltrate DAST site profile secrets under...

5.3CVSS0.00188EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 5:3 a.m.4 views

EUVD-2026-39181

GitLab has remediated an issue in GitLab EE affecting all versions from 16.4 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with developer-role permissions to execute arbitrary client-side code in the context of...

8.7CVSS6.2AI score0.00231EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/25 5:3 a.m.32 views

CVE-2026-10086 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 16.4 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with developer-role permissions to execute arbitrary client-side code in the context of...

8.7CVSS0.00231EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 4:34 a.m.5 views

EUVD-2026-39177

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.5 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an unauthenticated user to view confidential issue references on public projects due to improper authorizatio...

5.3CVSS5.9AI score0.00231EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/25 4:34 a.m.31 views

CVE-2026-3176 Missing Authorization in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with limited permissions to access project information due to insufficient authorization...

3.1CVSS0.00182EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 4:34 a.m.4 views

EUVD-2026-39176

GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with limited permissions to access project information due to insufficient authorization...

3.1CVSS5.9AI score0.00182EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/25 4:34 a.m.34 views

CVE-2026-5309 Authorization Bypass Through User-Controlled Key in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user to read or modify another group's virtual registry cleanup policy settings without...

5.4CVSS0.00171EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 4:34 a.m.5 views

EUVD-2026-39175

GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user to read or modify another group's virtual registry cleanup policy settings without...

5.4CVSS5.9AI score0.00171EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 4:33 a.m.4 views

EUVD-2026-39170

GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 prior to 18.11.6, 19.0 prior to 19.0.3, and 19.1 prior to 19.1.1 in which incorrect authorization in DAST site profile management could allow a user with Developer role to exfiltrate DAST site profile secrets under...

5.3CVSS5.8AI score0.00188EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 4:33 a.m.96 views

CVE-2026-11379

GitLab Security Advisory CVE-2026-11379 affects GitLab EE. The issue is an incorrect authorization flaw in DAST site profile management that could allow a user with the Developer role to exfiltrate DAST site profile secrets under certain conditions. Affected versions include all GitLab EE release...

5.3CVSS5.8AI score0.00188EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/25 4:33 a.m.4 views

EUVD-2026-39169

GitLab has remediated an issue in GitLab EE affecting all versions from 19.1 before 19.1.1 that under certain conditions could have allowed a user to access sensitive information that had already been committed to a project, due to insufficient output filtering in Duo Workflows...

8.6CVSS5.8AI score0.00328EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.7 views

PT-2026-52203

Name of the Vulnerable Software and Affected Versions GitLab EE versions 18.6 through 18.11.5 GitLab EE versions 19.0 through 19.0.2 GitLab EE versions 19.1 through 19.1.0 Description Insufficient authorization checks could allow an authenticated user with limited permissions to access project...

3.1CVSS5.8AI score0.00182EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.9 views

PT-2026-52198

Name of the Vulnerable Software and Affected Versions GitLab EE versions 19.1 through 19.1.0 Description Insufficient output filtering in Duo Workflows could allow a user to access sensitive information that had already been committed to a project. Recommendations Update GitLab EE to version 19.1...

8.6CVSS5.8AI score0.00328EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.7 views

GitLab 16.4 < 18.11.6 / 19.0 < 19.0.3 / 19.1 < 19.1.1 (CVE-2026-10086)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab EE affecting all versions from 16.4 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticate...

8.7CVSS6.2AI score0.00231EPSS
Exploits0References5
OSV
OSV
added 2026/06/13 8:57 a.m.13 views

BIT-GITLAB-2026-1500 Allocation of Resources Without Limits or Throttling in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user to cause denial of service due to uncontrolled resource consumption when processing ...

6.5CVSS5.4AI score0.00321EPSS
Exploits0References4
Rows per page
Query Builder