PT-2026-40863

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 13.7 through 18.9.6 GitLab CE/EE versions 18.10 through 18.10.5 GitLab CE/EE versions 18.11 through 18.11.2 Description An issue in the Jira integration filter allows an authenticated user to view Jira issues outside the...

GitLab 18.7 < 18.9.7 / 18.10 < 18.10.6 / 18.11 < 18.11.3 (CVE-2026-7377)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' in GitLab CVE-2026-7377 Note that Nessus has not tested for this issue but has instead relied only on the application...

GitLab 17.10 < 18.9.7 / 18.10 < 18.10.6 / 18.11 < 18.11.3 (CVE-2026-1338)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Authorization Bypass Through User-Controlled Key in GitLab CVE-2026-1338 Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...

PT-2026-40861

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 17.6 through 18.9.6 GitLab CE/EE versions 18.10 through 18.10.5 GitLab CE/EE versions 18.11 through 18.11.2 Description Improper authorization checks allow an authenticated user with developer-role permissions to bypass...

GitLab 安全漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD Continuous Integration and Delivery. There were security vulnerabilities in versions of GitLab EE from 11.10...

GitLab 安全漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD Continuous Integration and Delivery. Vulnerabilities exist in versions of GitLab CE/EE 18.9.1 to 18.9.7, 18....

PT-2026-40854

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 18.5 through 18.9.6 GitLab CE/EE versions 18.10 through 18.10.5 GitLab CE/EE versions 18.11 through 18.11.2 Description An issue exists where an unauthenticated user can cause a denial of service by sending specially...

PT-2026-40858

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 16.0 through 18.9.6 GitLab CE/EE versions 18.10 through 18.10.5 GitLab CE/EE versions 18.11 through 18.11.2 Description Improper authorization allows an authenticated user possessing a read api scoped OAuth application to...

PT-2026-40853

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 15.1 through 18.9.6 GitLab CE/EE versions 18.10 through 18.10.5 GitLab CE/EE versions 18.11 through 18.11.2 Description An issue exists where an authenticated user with Guest permissions can view issues in projects they a...

GitLab 安全漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD Continuous Integration and Delivery. Vulnerabilities exist in versions of GitLab CE/EE before 18.9.7, 18.10....

GitLab 18.7 < 18.9.7 / 18.10 < 18.10.6 / 18.11 < 18.11.3 (CVE-2026-6073)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' in GitLab CVE-2026-6073 Note that Nessus has not tested for this issue but has instead relied only on the application...

GitLab 18.8 < 18.9.7 / 18.10 < 18.10.6 / 18.11 < 18.11.3 (CVE-2026-7471)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Server-Side Request Forgery SSRF in GitLab CVE-2026-7471 Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 809...

GitLab 11.10 < 18.9.7 / 18.10 < 18.10.6 / 18.11 < 18.11.3 (CVE-2026-4527)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Cross-Site Request Forgery CSRF in GitLab CVE-2026-4527 Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 8090...

GitLab 16.10 < 18.9.7 / 18.10 < 18.10.6 / 18.11 < 18.11.3 (CVE-2026-2900)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Missing Authorization in GitLab CVE-2026-2900 Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenabl...

GitLab 18.9.1 < 18.9.7 / 18.10 < 18.10.6 / 18.11 < 18.11.3 (CVE-2026-4524)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Authentication Bypass Using an Alternate Path or Channel in GitLab CVE-2026-4524 Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...

PT-2026-40872

Name of the Vulnerable Software and Affected Versions GitLab EE versions 18.7 through 18.9.6 GitLab EE versions 18.10 through 18.10.5 GitLab EE versions 18.11 through 18.11.2 Description An issue exists where improper input sanitization allows an authenticated user to execute arbitrary JavaScript...

GitLab 跨站脚本漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD Continuous Integration and Delivery. Versions of GitLab EE prior to 18.7.7, 18.10 prior to 18.10.6, and 18.1...

PT-2026-40855

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 18.5 through 18.9.6 GitLab CE/EE versions 18.10 through 18.10.5 GitLab CE/EE versions 18.11 through 18.11.2 Description An issue exists where an unauthenticated user can cause a denial of service by sending specially...

GitLab 15.1 < 18.9.7 / 18.10 < 18.10.6 / 18.11 < 18.11.3 (CVE-2026-8144)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Missing Authorization in GitLab CVE-2026-8144 Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenabl...

GitLab 18.11 < 18.11.3 (CVE-2026-6335)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' in GitLab CVE-2026-6335 Note that Nessus has not tested for this issue but has instead relied only on the application...