3087 matches found
CVE-2026-1387
GitLab has remediated an issue in GitLab EE affecting all versions from 15.6 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that could have allowed an authenticated user to cause Denial of Service by uploading a malicious file and repeatedly querying it through GraphQl...
CVE-2026-1387
Removed by vendor...
CVE-2026-25497
Craft is a platform for creating digital experiences. In Craft versions from 4.0.0-RC1 to before 4.17.0-beta.1 and 5.9.0-beta.1, there is a Privilege Escalation vulnerability in Craft CMS’s GraphQL API that allows an authenticated user with write access to one asset volume to escalate their...
PT-2026-7521
Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 18.6 through 18.6.5 GitLab CE/EE versions 18.7 through 18.7.3 GitLab CE/EE versions 18.8 through 18.8.3 Description An authenticated user could potentially perform unauthorized operations by submitting GraphQL mutations...
PT-2026-7515
Name of the Vulnerable Software and Affected Versions GitLab EE versions 15.6 through 18.6.5 GitLab EE versions 18.7 through 18.7.3 GitLab EE versions 18.8 through 18.8.3 Description An authenticated user could potentially cause a Denial of Service by uploading a malicious file and repeatedly...
CVE-2025-8099
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.8 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions, could have allowed an unauthenticated user to cause denial of service by sending repeated GraphQL queries...
CVE-2025-14592
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have allowed an authenticated user to perform unauthorized operations by submitting GraphQL mutations through the GLQL API...
CVE-2026-1387
GitLab has remediated an issue in GitLab EE affecting all versions from 15.6 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that could have allowed an authenticated user to cause Denial of Service by uploading a malicious file and repeatedly querying it through GraphQl...
PT-2026-7523
Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 10.8 through 18.6.6 GitLab CE/EE versions 18.7 through 18.7.4 GitLab CE/EE versions 18.8 through 18.8.4 Description GitLab CE/EE is susceptible to a denial-of-service condition. An unauthenticated user could potentially...
GitLab Enterprise Edition(EE)和GitLab Community Edition(CE) 安全漏洞
GitLab Enterprise Edition EE and GitLab Community Edition CE are products of the American company GitLab. GitLab Enterprise Edition is a content management system. GitLab Community Edition is a community version of GitLab. There were security vulnerabilities in versions prior to 18.6.6 of GitLab...
FreeBSD : Gitlab -- vulnerabilities (9d9940e7-071c-11f1-93ca-2cf05da270f3)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 9d9940e7-071c-11f1-93ca-2cf05da270f3 advisory. Gitlab reports: Incomplete Validation issue in Web IDE impacts GitLab CE/EE Denial of Service...
Craft CMS: GraphQL Asset Mutation Privilege Escalation
There is a Privilege Escalation vulnerability in Craft CMS’s GraphQL API that allows an authenticated user with write access to one asset volume to escalate their privileges and modify/transfer assets belonging to any other volume, including restricted or private volumes to which they should not...
GHSA-M5R2-8P9X-HP5M Craft CMS Vulnerable to SSRF in GraphQL Asset Mutation via Alternative IP Notation
I observed a recent commit intended to mitigate Server-Side Request Forgery SSRF vulnerabilities. While the implemented defense mechanisms are an improvement, I have identified two methods to bypass these protections. This report details the first bypass method involving alternative IP notation,...
Craft CMS Vulnerable to SSRF in GraphQL Asset Mutation via Alternative IP Notation
I observed a recent commit intended to mitigate Server-Side Request Forgery SSRF vulnerabilities. While the implemented defense mechanisms are an improvement, I have identified two methods to bypass these protections. This report details the first bypass method involving alternative IP notation,...
Craft CMS Vulnerable to SSRF in GraphQL Asset Mutation via HTTP Redirect
Summary The saveAsset GraphQL mutation validates the initial URL hostname and resolved IP against a blocklist, but Guzzle follows HTTP redirects by default. An attacker can bypass all SSRF protections by hosting a redirect that points to cloud metadata endpoints or any internal IP addresses. ---...
Server-side Request Forgery (SSRF)
Overview craftcms/cms is a content management system. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in handleUpload, which is exploitable via the saveimagesAsset mutation in the GraphQL API. An attacker can retrieve sensitive internal resources, such as AWS...
Craft CMS: save_images_Asset graphql mutation can be abused to exfiltrate AWS credentials of underlying host
Summary - The saveimagesAsset graphql mutation allows a user to give a url of an image to download. Url must use a domain, not a raw IP. - Attacker sets up domain attacker.domain with an A record of something like 169.254.169.254 special AWS metadata IP - Attacker invokes saveimagesAsset with url...
CVE-2026-25497
Craft is a platform for creating digital experiences. In Craft versions from 4.0.0-RC1 to before 4.17.0-beta.1 and 5.9.0-beta.1, there is a Privilege Escalation vulnerability in Craft CMS’s GraphQL API that allows an authenticated user with write access to one asset volume to escalate their...
CVE-2026-25497
Craft is a platform for creating digital experiences. In Craft versions from 4.0.0-RC1 to before 4.17.0-beta.1 and 5.9.0-beta.1, there is a Privilege Escalation vulnerability in Craft CMS’s GraphQL API that allows an authenticated user with write access to one asset volume to escalate their...
CVE-2026-25497 Craft has a GraphQL Asset Mutation Privilege Escalation
Craft is a platform for creating digital experiences. In Craft versions from 4.0.0-RC1 to before 4.17.0-beta.1 and 5.9.0-beta.1, there is a Privilege Escalation vulnerability in Craft CMS’s GraphQL API that allows an authenticated user with write access to one asset volume to escalate their...