Lucene search
K

1780 matches found

RedhatCVE
RedhatCVE
added last week5 views

CVE-2026-6352

A flaw was found in GitLab Enterprise Edition EE. An authenticated user with auditor-level access could modify compliance violation records. This was possible due to improper authorization on certain GraphQL operations, allowing them to bypass intended access controls...

2.7CVSS5.9AI score0.00264EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added last week6 views

CVE-2026-11827

A flaw was found in GitLab EE. An authenticated user with maintainer-role permissions could, under specific conditions, exploit improper authorization controls. This vulnerability allows the user to obtain other users' stored credentials, leading to unauthorized information disclosure...

4.9CVSS5.9AI score0.00255EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/07/09 12:0 a.m.6 views

GitLab 13.11 < 18.11.7 / 19.0 < 19.0.4 / 19.1 < 19.1.2 (CVE-2026-6896)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticat...

8.7CVSS6.4AI score0.00282EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/07/09 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-6896

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain...

8.7CVSS7.3AI score0.00282EPSS
Exploits0References2
NVD
NVD
added 2026/07/08 9:16 p.m.7 views

CVE-2026-6896

GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with developer-role permissions to execute arbitrary scripts in another user's browser...

8.7CVSS0.00282EPSS
Exploits0References3
NVD
NVD
added 2026/07/08 9:16 p.m.8 views

CVE-2026-8472

GitLab has remediated an issue in GitLab EE affecting all versions from 18.9 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with minimal access permissions to read work item metadata from private projects due to...

4.3CVSS0.00243EPSS
Exploits0References3
NVD
NVD
added 2026/07/08 9:16 p.m.11 views

CVE-2026-6352

GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with auditor-level access to modify compliance violation records due to improper...

2.7CVSS0.00264EPSS
Exploits0References3
NVD
NVD
added 2026/07/08 9:16 p.m.6 views

CVE-2026-13151

GitLab has remediated an issue in GitLab EE affecting all versions from 16.10 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user to modify group-level settings beyond their intended permissions due to improper...

4.3CVSS0.00161EPSS
Exploits0References2
NVD
NVD
added 2026/07/08 9:16 p.m.7 views

CVE-2026-11827

GitLab has remediated an issue in GitLab EE affecting all versions from 9.5 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with maintainer-role permissions to obtain another user's stored credentials due to imprope...

4.9CVSS0.00255EPSS
Exploits0References3
OSV
OSV
added 2026/07/08 9:16 p.m.4 views

UBUNTU-CVE-2026-13151

GitLab has remediated an issue in GitLab EE affecting all versions from 16.10 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user to modify group-level settings beyond their intended permissions due to improper...

4.3CVSS6.1AI score0.00161EPSS
Exploits0References2
OSV
OSV
added 2026/07/08 9:16 p.m.4 views

UBUNTU-CVE-2026-6896

GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with developer-role permissions to execute arbitrary scripts in another user's browser...

8.7CVSS7.2AI score0.00282EPSS
Exploits0References2
OSV
OSV
added 2026/07/08 9:16 p.m.4 views

UBUNTU-CVE-2026-11827

GitLab has remediated an issue in GitLab EE affecting all versions from 9.5 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with maintainer-role permissions to obtain another user's stored credentials due to imprope...

4.9CVSS6.1AI score0.00255EPSS
Exploits0References2
OSV
OSV
added 2026/07/08 9:16 p.m.3 views

UBUNTU-CVE-2026-8472

GitLab has remediated an issue in GitLab EE affecting all versions from 18.9 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with minimal access permissions to read work item metadata from private projects due to...

4.3CVSS6.1AI score0.00243EPSS
Exploits0References2
OSV
OSV
added 2026/07/08 9:16 p.m.4 views

UBUNTU-CVE-2026-6352

GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with auditor-level access to modify compliance violation records due to improper...

2.7CVSS6.1AI score0.00264EPSS
Exploits0References2
CVE
CVE
added 2026/07/08 8:46 p.m.85 views

CVE-2026-6352

GitLab EE contains an authorization flaw in GraphQL operations that could allow an authenticated user with auditor-level access to modify compliance violation records. Affected versions include all 18.2-era releases before 18.11.7, all 19.0-era releases before 19.0.4, and all 19.1-era releases be...

2.7CVSS6AI score0.00264EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/07/08 8:46 p.m.9 views

EUVD-2026-42407

GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with developer-role permissions to execute arbitrary scripts in another user's browser...

8.7CVSS6.2AI score0.00282EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/08 8:46 p.m.6 views

EUVD-2026-42404

GitLab has remediated an issue in GitLab EE affecting all versions from 9.5 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with maintainer-role permissions to obtain another user's stored credentials due to imprope...

4.9CVSS6AI score0.00255EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.10 views

PT-2026-56615

Name of the Vulnerable Software and Affected Versions GitLab EE versions 13.11 through 18.11.6 GitLab EE versions 19.0 through 19.0.3 GitLab EE versions 19.1 through 19.1.1 Description An issue exists where improper sanitization of user-supplied input could allow an authenticated user with...

8.7CVSS6AI score0.00282EPSS
Exploits0References8
OSV
OSV
added 2026/06/29 6:0 a.m.5 views

BIT-GITLAB-2026-0934 Incorrect Authorization in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 17.9 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with custom role permissions to view, create, or delete protected environment configuratio...

3.8CVSS5.8AI score0.00201EPSS
Exploits0References4
NCSC
NCSC
added 2026/06/25 11:26 a.m.11 views

Vulnerabilities are handled in GitLab Community Edition and Enterprise Edition

GitLab Inc. has identified several vulnerabilities in GitLab Enterprise Edition EE and other versions of GitLab, particularly in releases from version 8.3 to 19.1.1, with a focus on versions around 18.11.6, 19.0.3, and 19.1.1. These vulnerabilities affect various components of GitLab, including t...

8.7CVSS5.8AI score0.00328EPSS
Exploits0References1
Rows per page
Query Builder