Lucene search
K

15334 matches found

OSV
OSV
added 2026/06/11 12:16 p.m.8 views

UBUNTU-CVE-2026-8589

GitLab has remediated an issue in GitLab EE affecting all versions from 13.1.4 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user to add unauthorized email addresses to a targeted user's account due to improper...

8.7CVSS5.3AI score0.00255EPSS
Exploits0References5
OSV
OSV
added 2026/06/11 12:16 p.m.4 views

UBUNTU-CVE-2026-9694

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.9 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions, could have allowed an unauthenticated user to impersonate the GitLab Support Bot and inject arbitrary content via a specially...

4.3CVSS5.5AI score0.00211EPSS
Exploits0References5
OSV
OSV
added 2026/06/11 12:16 p.m.8 views

UBUNTU-CVE-2026-6277

GitLab has remediated an issue in GitLab EE affecting all versions from 13.9 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with Security Manager-role permissions to manage project security configuration even whe...

4.3CVSS5.4AI score0.00182EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/11 12:9 p.m.6 views

Security Bulletin: Multiple vulnerabilities in IBM Tivoli Network Manager IP Edition

Summary Multiple vulnerabilities were addressed in IBM Tivoli Network Manager IP Edition 4.2.0.24 IFix 1 Vulnerability Details CVEID:CVE-2025-11143 DESCRIPTION: The Jetty URI parser has some key differences to other common parsers when evaluating invalid or unusual URIs. Differential parsing of...

9.9CVSS6.6AI score0.01127EPSS
Exploits1Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/11 10:21 a.m.11 views

CVE-2026-1500 Allocation of Resources Without Limits or Throttling in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user to cause denial of service due to uncontrolled resource consumption when processing ...

6.5CVSS5.5AI score0.00321EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/11 10:21 a.m.11 views

EUVD-2026-36232

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.0 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user to access confidential issue details due to incorrect authorization checks...

3.1CVSS5.5AI score0.00236EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/11 10:20 a.m.30 views

CVE-2026-6269 Incorrect Authorization in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with developer-role permissions to modify hidden merge requests due to incorrect...

5.4CVSS0.00187EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/11 10:20 a.m.31 views

CVE-2026-6277 Incorrect Authorization in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 13.9 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with Security Manager-role permissions to manage project security configuration even whe...

4.3CVSS0.00182EPSS
Exploits0References3
CVE
CVE
added 2026/06/11 10:20 a.m.55 views

CVE-2026-6277

GitLab EE contains an incorrect authorization issue (CVE-2026-6277) that could allow an authenticated user with Security Manager permissions to manage project security configuration even when the feature was disabled. Affects GitLab EE versions: 13.9 prior to 18.10.8, 18.11 prior to 18.11.5, and ...

4.3CVSS5.5AI score0.00182EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/11 10:20 a.m.33 views

CVE-2026-6552 Authorization Bypass Through User-Controlled Key in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 15.5 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with group Owner role to take over another group member's GitLab account due to improper...

8.7CVSS0.00278EPSS
Exploits0References3
CVE
CVE
added 2026/06/11 10:20 a.m.35 views

CVE-2026-6552

GitLab Elasticsearch? No—this CVE concerns GitLab Enterprise Edition (GitLab EE). Affected versions: 15.5 up to but not including 18.10.8, 18.11 up to but not including 18.11.5, and 19.0 up to but not including 19.0.2. Root cause: improper authorization in Group SAML identity management allowed a...

8.7CVSS5.5AI score0.00278EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/11 10:20 a.m.29 views

CVE-2026-6976 Authorization Bypass Through User-Controlled Key in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.9 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with developer-role permissions to hide changes from merge request diff views due to...

3.7CVSS0.00158EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/11 10:20 a.m.11 views

CVE-2026-7250 Allocation of Resources Without Limits or Throttling in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an unauthenticated user to cause denial of service due to improper input validation in the API request...

7.5CVSS5.5AI score0.0037EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/11 10:19 a.m.12 views

EUVD-2026-36225

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user to read arbitrary files from the Gitaly server and access internal network resources...

6.5CVSS5.6AI score0.00247EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/11 10:19 a.m.12 views

EUVD-2026-36223

GitLab has remediated an issue in GitLab EE affecting all versions from 17.1 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with developer-role permissions to execute arbitrary client-side code on behalf of a...

8.7CVSS6AI score0.00249EPSS
Exploits0References3
CVE
CVE
added 2026/06/11 10:19 a.m.65 views

CVE-2026-10087

GitLab Analytics Dashboard vulnerability (CVE-2026-10087) affects GitLab Enterprise Edition with disclosure that all 17.1–<18.10.8, all 18.11–<18.11.5, and all 19.0–

8.7CVSS6AI score0.00249EPSS
Exploits0References3Affected Software1
Circl
Circl
added 2026/06/11 1:8 a.m.12 views

CVE-2026-10087

creationtimestamp| type| source ---|---|--- 2026-06-11 01:08:31+00:00| seen| https://www.acn.gov.it/portale/w/risolte-vulnerabilita-su-gitlab-ce/ee-16 2026-06-11 12:45:12+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mnzaxmissr2y 2026-06-11 13:42:39+00:00| seen|...

8.7CVSS4.9AI score0.00249EPSS
Exploits0References5
Circl
Circl
added 2026/06/11 1:8 a.m.12 views

CVE-2026-7250

creationtimestamp| type| source ---|---|--- 2026-06-11 01:08:31+00:00| seen| https://www.acn.gov.it/portale/w/risolte-vulnerabilita-su-gitlab-ce/ee-16 2026-06-11 12:45:13+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mnzaxmissr2y 2026-06-11 18:00:00+00:00| seen|...

7.5CVSS4.9AI score0.0037EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.14 views

PT-2026-48651

Name of the Vulnerable Software and Affected Versions GitLab EE versions 13.9 through 18.10.7 GitLab EE versions 18.11 through 18.11.4 GitLab EE versions 19.0 through 19.0.1 Description Incorrect authorization enforcement allows an authenticated user with Security Manager-role permissions to mana...

4.3CVSS5.2AI score0.00182EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.16 views

GitLab Enterprise Edition(EE)和GitLab Community Edition(CE) 代码问题漏洞

GitLab Enterprise Edition EE and GitLab Community Edition CE are products of the American company GitLab. GitLab Enterprise Edition is a content management system. GitLab Community Edition is a community version of GitLab. There were code vulnerabilities in versions prior to 18.10 through 18.10.8...

6.5CVSS5.6AI score0.00247EPSS
Exploits0References1
Rows per page
Query Builder