21402 matches found
CVE-2026-3988
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to cause a denial of service by making the GitLab instance unresponsive due to improper input validation in...
EUVD-2026-15481
GitLab has remediated an issue in GitLab EE affecting all versions from 18.1 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that under certain conditions could have allowed an authenticated user to gain unauthorized access to resources due to improper caching of authorization decisio...
CVE-2026-4363
GitLab has remediated an issue in GitLab EE affecting all versions from 18.1 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that under certain conditions could have allowed an authenticated user to gain unauthorized access to resources due to improper caching of authorization decisio...
CVE-2026-4363 Incorrect Authorization in GitLab
GitLab has remediated an issue in GitLab EE affecting all versions from 18.1 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that under certain conditions could have allowed an authenticated user to gain unauthorized access to resources due to improper caching of authorization decisio...
CVE-2026-4363
Removed by vendor...
CVE-2026-4363 Incorrect Authorization in GitLab
GitLab has remediated an issue in GitLab EE affecting all versions from 18.1 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that under certain conditions could have allowed an authenticated user to gain unauthorized access to resources due to improper caching of authorization decisio...
PT-2026-27987
Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 11.10 through 18.8.6 GitLab CE/EE versions 18.9 through 18.9.2 GitLab CE/EE versions 18.10 through 18.10.0 Description An authenticated user could perform unauthorized actions on merge requests in other projects. This was...
GitLab 安全漏洞
GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD continuous integration and delivery. Vulnerabilities exist in versions of GitLab CE/EE 18.5 to 18.8.7, 18.9 ...
GitLab 18.5 < 18.8.7 / 18.9 < 18.9.3 / 18.10 < 18.10.1 (CVE-2026-1724)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab EE affecting all versions from 18.5 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to access API...
GitLab Enterprise Edition(EE)和GitLab Community Edition(CE) 安全漏洞
GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of the American company GitLab. GitLab Enterprise Edition is a content management system. GitLab Community Edition is a community version of GitLab. Versions of GitLab CE/EE prior to 18.8.7, 18.9.3, and 18.10.1 contain...
GitLab 安全漏洞
GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD continuous integration and delivery. Security vulnerabilities exist in versions of GitLab EE 15.4 to 18.8.7,...
PT-2026-28063
Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 17.10 through 18.8.6 GitLab CE/EE versions 18.9 through 18.9.2 GitLab CE/EE versions 18.10 through 18.10.0 Description An issue exists in GitLab CE/EE that could allow an unauthenticated user to execute arbitrary GraphQL...
PT-2026-27803
Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 16.10 through 18.8.6 GitLab CE/EE versions 18.9 through 18.9.2 GitLab CE/EE versions 18.10 through 18.10.0 Description An authenticated user could potentially cause a denial of service by exploiting excessive resource...
GitLab 15.4 < 18.8.7 / 18.9 < 18.9.3 / 18.10 < 18.10.1 (CVE-2026-2995)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab EE affecting all versions from 15.4 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an authenticated user to add email...
GitLab 跨站脚本漏洞
GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD Continuous Integration and Delivery. Versions of GitLab CE/EE prior to 18.8.7, 18.9.3, and 18.10.1 contained...
GitLab 安全漏洞
GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD Continuous Integration and Delivery. Vulnerabilities exist in versions of GitLab CE/EE before 18.8.7, 18.9.3...
PT-2026-27804
Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 13.7 through 18.8.6 GitLab CE/EE versions 18.9 through 18.9.2 GitLab CE/EE versions 18.10 through 18.10.0 Description An authenticated user could potentially cause a denial of service due to excessive resource consumption...
GitLab 17.10 < 18.8.7 / 18.9 < 18.9.3 / 18.10 < 18.10.1 (CVE-2026-3857)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to execute...
PT-2026-27991
Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 17.7 through 18.8.6 GitLab CE/EE versions 18.9 through 18.9.2 GitLab CE/EE versions 18.10 through 18.10.0 Description An authenticated user could execute arbitrary JavaScript in a user's browser. This is due to improper...
PT-2026-27992
Name of the Vulnerable Software and Affected Versions GitLab EE versions 15.4 through 18.8.6 GitLab EE versions 18.9 through 18.9.2 GitLab EE versions 18.10 through 18.10.0 Description An authenticated user could add email addresses to targeted user accounts due to improper sanitization of HTML...