GitLab Enterprise Edition (EE) and GitLab Community Edition (CE) security vulnerability
GitLab Enterprise Edition (EE) and GitLab Community Edition (CE) are products of the American company GitLab. GitLab Enterprise Edition is a content management system. GitLab Community Edition is a community version of GitLab. There were security vulnerabilities in versions of GitLab CE/EE between 18...
PT-2026-40864
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 18.3 through 18.9.6; GitLab CE/EE versions 18.10 through 18.10.5; GitLab CE/EE versions 18.11 through 18.11.2. Description: Improper access control allows an authenticated user with developer-role permissions to bypass packag...
GitLab security vulnerability
GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD (Continuous Integration and Delivery). Vulnerabilities exist in versions of GitLab CE/EE from 9.0 to 18.9.7, a...
GitLab 18.3 < 18.9.7 / 18.10 < 18.10.6 / 18.11 < 18.11.3 (CVE-2026-3607)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: Access Control Check Implemented After Asset is Accessed in GitLab (CVE-2026-3607). Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...
CVE-2026-42195
draw.io is a configurable diagramming and whiteboarding application. Prior to version 29.7.9, the draw.io client accepts a ?gitlab= URL parameter that overrides the GitLab server URL used during OAuth sign-in. A crafted link causes the user's click on draw.io's "Authorize in GitLab" dialog to ope...
PT-2026-40876
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 18.7 through 18.9.6; GitLab EE versions 18.10 through 18.10.5; GitLab EE versions 18.11 through 18.11.2. Description: An issue in customizable analytics dashboards allows an authenticated user to execute arbitrary JavaScript in...
GHSA-389R-GV7P-R3RP vulnerabilities
Vulnerabilities for packages: kots, gitlab-runner, steampipe, kargo, melange, zarf, act, gitea, syft, argocd-image-updater, kubescape, pulumi-language-yaml, witness, src-fingerprint, external-secrets-operator, snyk-cli, wolfictl, grafana, tfsec, teleport, grype, trivy-operator, dagger, nuclei,...
CVE-2026-45022 vulnerabilities
Vulnerabilities for packages: kots, gitlab-runner, steampipe, kargo, melange, zarf, act, gitea, syft, argocd-image-updater, kubescape, pulumi-language-yaml, witness, src-fingerprint, external-secrets-operator, snyk-cli, wolfictl, grafana, tfsec, teleport, grype, trivy-operator, dagger, nuclei,...
CVE-2026-45022 vulnerabilities
Vulnerabilities for packages: crossplane, kyverno, apko-fips, cerbos, dagger, pulumi, pulumi-kubernetes-operator, trivy-fips, grype, external-secrets-operator-fips, gitlab-runner-fips, coder, kubescape-server, kubevela, flux, kargo, witness, kots, skaffold-fips, trufflehog, src-fingerprint,...
GHSA-389R-GV7P-R3RP vulnerabilities
Vulnerabilities for packages: crossplane, kyverno, apko-fips, cerbos, dagger, pulumi, pulumi-kubernetes-operator, trivy-fips, grype, external-secrets-operator-fips, gitlab-runner-fips, coder, kubescape-server, kubevela, flux, kargo, witness, kots, skaffold-fips, trufflehog, src-fingerprint,...
GHSA-526F-JXPJ-JMG2 vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce-fips, gitlab-rails-ce...
CVE-2026-43870 vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce-fips, gitlab-rails-ce...
CVE-2026-44837 vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce-fips, gitlab-rails-ce...
CVE-2026-44836 vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce-fips, gitlab-rails-ce...
GHSA-HG3H-G7XC-F7VP vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce-fips, gitlab-rails-ce...
GHSA-7F3R-GWC9-2995 vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce-fips, gitlab-rails-ce...
CVE-2026-40295 vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce-fips, gitlab-rails-ce...
GHSA-JP94-3292-C3XV vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce-fips, gitlab-rails-ce...
@yoda.digital/gitlab-mcp-server's SSE transport has no authentication and wildcard CORS, exposing all 86 GitLab tools
SSE Transport Has No Authentication and Wildcard CORS, Exposing All 86 GitLab Tools Including Destructive Operations A review of mcp-gitlab-server at commit 80a7b4cf3fba6b55389c0ef491a48190f7c8996a uncovered that the SSE HTTP transport — advertised in the README and comparison table as a...
GHSA-8JR5-6GVJ-RFPF @yoda.digital/gitlab-mcp-server's SSE transport has no authentication and wildcard CORS, exposing all 86 GitLab tools
SSE Transport Has No Authentication and Wildcard CORS, Exposing All 86 GitLab Tools Including Destructive Operations A review of mcp-gitlab-server at commit 80a7b4cf3fba6b55389c0ef491a48190f7c8996a uncovered that the SSE HTTP transport — advertised in the README and comparison table as a...