CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21394 matches found

NVD•added 2026/04/22 5:16 p.m.•3 views

CVE-2026-5816

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.10 before 18.10.4 and 18.11 before 18.11.1 that could have allowed an unauthenticated user to execute arbitrary JavaScript in a user's browser session due to improper path validation under certain conditions...

8.1CVSS0.00028EPSS

Exploits0References3

NVD•added 2026/04/22 5:16 p.m.•2 views

CVE-2026-5262

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.1.0 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that under certain conditions could have allowed an unauthenticated user to access tokens in the Storybook development environment due to improper input...

8CVSS0.00073EPSS

Exploits0References3

NVD•added 2026/04/22 5:16 p.m.•2 views

CVE-2026-5377

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.11 before 18.11.1 that could have allowed an authenticated user to access titles of confidential or private issues in public projects due to improper access control in the issue description rendering process...

4.3CVSS0.00017EPSS

Exploits0References3

NVD•added 2026/04/22 5:16 p.m.•1 views

CVE-2026-6515

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed a user to use invalidated or incorrectly scoped credentials to access Virtual Registries under certain conditions...

5.4CVSS0.00015EPSS

Exploits0References2

NVD•added 2026/04/22 5:16 p.m.•1 views

CVE-2026-3254

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.11 before 18.11.1 that under certain conditions could have allowed an authenticated user to load unauthorized content into another user's browser due to improper input validation in the Mermaid sandbox...

3.5CVSS0.00013EPSS

Exploits0References2

NVD•added 2026/04/22 5:16 p.m.•1 views

CVE-2025-6016

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.2 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed an authenticated user to cause denial of service due to insufficient resource allocation limits when retrieving notes under certain...

6.5CVSS0.00032EPSS

Exploits0References3

NVD•added 2026/04/22 5:16 p.m.•2 views

CVE-2026-1660

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.3 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that under certain conditions could have allowed an authenticated user to cause denial of service when importing issues due to improper input validation...

6.5CVSS0.00078EPSS

Exploits0References3

NVD•added 2026/04/22 5:16 p.m.•3 views

CVE-2025-9957

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.2 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that under certain conditions could have allowed an authenticated user with project owner permissions to bypass group fork prevention settings due to...

2.7CVSS0.00017EPSS

Exploits0References3

NVD•added 2026/04/22 5:16 p.m.•2 views

CVE-2025-3922

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.4 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed an authenticated user to cause denial of service by overwhelming system resources under certain conditions due to insufficient...

6.5CVSS0.00047EPSS

Exploits0References3

NVD•added 2026/04/22 5:16 p.m.•4 views

CVE-2025-0186

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.6 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed an authenticated user to cause denial of service under certain conditions by exhausting server resources by making crafted requests...

6.5CVSS0.00046EPSS

Exploits0References3