CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

29 matches found

OSV•added 2026/06/12 9:5 a.m.•5 views

BIT-GITLAB-2026-8589 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 13.1.4 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user to add unauthorized email addresses to a targeted user's account due to improper...

8.7CVSS5.3AI score0.00429EPSS

Exploits0References4

Tenable Nessus•added 2026/06/12 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-8589

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab EE affecting all versions from 13.1.4 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain...

8.7CVSS5.5AI score0.00429EPSS

Exploits0References2

OSV•added 2026/06/11 12:16 p.m.•3 views

UBUNTU-CVE-2026-8589

8.7CVSS5.3AI score0.00429EPSS

Exploits0References5

EUVD•added 2026/06/11 10:20 a.m.•6 views

EUVD-2026-36226

8.7CVSS5.5AI score0.00429EPSS

Exploits0References3

Vulnrichment•added 2026/06/11 10:20 a.m.•8 views

CVE-2026-8589 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

7.3CVSS5.5AI score0.00429EPSS

Exploits0References3

Cvelist•added 2026/06/11 10:20 a.m.•23 views

CVE-2026-8589 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

7.3CVSS0.00429EPSS

Exploits0References3

Positive Technologies•added 2026/06/11 12:0 a.m.•10 views

PT-2026-48655

Name of the Vulnerable Software and Affected Versions GitLab EE versions 13.1.4 through 18.10.7 GitLab EE versions 18.11 through 18.11.4 GitLab EE versions 19.0 through 19.0.1 Description An issue exists where an authenticated user can add unauthorized email addresses to a targeted user's account...

8.7CVSS5.2AI score0.00429EPSS

Exploits0References9

CNNVD•added 2026/06/11 12:0 a.m.•8 views

GitLab Enterprise Edition（EE）跨站脚本漏洞

GitLab Enterprise Edition EE is a content management system provided by the American company GitLab. Versions of GitLab EE from 13.1.4 to 18.10.8, as well as versions from 18.11 to 18.11.5 and from 19.0 to 19.0.2, contained a cross-site scripting vulnerability. This vulnerability stemmed from...

8.7CVSS5AI score0.00429EPSS

Exploits0References1

Tenable Nessus•added 2026/06/11 12:0 a.m.•8 views

GitLab 13.1.4 < 18.10.8 / 18.11 < 18.11.5 / 19.0 < 19.0.2 (CVE-2026-8589)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab EE affecting all versions from 13.1.4 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an...

8.7CVSS5.4AI score0.00429EPSS

Exploits0References5

Positive Technologies•added 2026/05/27 12:0 a.m.•11 views

PT-2026-44124

The Everest Forms – Contact Form, Payment Form, Quiz, Survey & Custom Form Builder plugin for WordPress is vulnerable to unauthorized email sending due to a missing capability check on the send test email function in all versions up to, and including, 3.4.7. This makes it possible for authenticat...

4.3CVSS5.9AI score0.00207EPSS

Exploits0References3

OSV•added 2026/02/16 4:30 p.m.•4 views

BIT-GITLAB-2026-0595 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.9 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have allowed an authenticated user to add unauthorized email addresses to victim accounts through HTML injection in test...

7.3CVSS5.6AI score0.00217EPSS

Exploits0References4

RedhatCVE•added 2026/02/12 1:42 p.m.•3 views

CVE-2026-0595

7.3CVSS5.5AI score0.00217EPSS

Exploits0References1

Tenable Nessus•added 2026/02/12 12:0 a.m.•6 views

GitLab 13.9 < 18.6.6 / 18.7 < 18.7.4 / 18.8 < 18.8.4 (CVE-2026-0595)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.9 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have allowed an...

7.3CVSS6AI score0.00217EPSS

Exploits0References5

Tenable Nessus•added 2026/02/12 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-0595

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.9 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain...

7.3CVSS5.9AI score0.00217EPSS

Exploits0References2

NVD•added 2026/02/11 12:16 p.m.•3 views

CVE-2026-0595

7.3CVSS0.00217EPSS

Exploits0References3

OSV•added 2026/02/11 12:16 p.m.•1 views

UBUNTU-CVE-2026-0595

7.3CVSS5.8AI score0.00217EPSS

Exploits0References6

ATTACKERKB•added 2026/02/11 11:33 a.m.•5 views

CVE-2026-0595

7.3CVSS5.5AI score0.00217EPSS

Exploits0References4Affected Software1

CVE•added 2026/02/11 11:33 a.m.•12 views

CVE-2026-0595

Technical details are not publicly available in the provided documents. Monitor for updates to see affected products, impact, vector, and remediation.

7.3CVSS5.5AI score0.00217EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2026/02/11 11:33 a.m.•1 views

CVE-2026-0595 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

7.3CVSS5.5AI score0.00217EPSS

Exploits0References3