Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2026-AVI-0733
Vulnerability from certfr_avis - Published: 2026-06-11 - Updated: 2026-06-11
De multiples vulnérabilités ont été découvertes dans GitLab. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et une falsification de requêtes côté serveur (SSRF).
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| GitLab | GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE) | GitLab Community Edition (CE) et Enterprise Edition (EE) versions antérieures à 18.10.8 | ||
| GitLab | GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE) | GitLab Community Edition (CE) et Enterprise Edition (EE) versions 19.0.x antérieures à 19.0.2 | ||
| GitLab | GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE) | GitLab Community Edition (CE) et Enterprise Edition (EE) versions 18.11.x antérieures à 18.11.5 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "GitLab Community Edition (CE) et Enterprise Edition (EE) versions ant\u00e9rieures \u00e0 18.10.8",
"product": {
"name": "GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE)",
"vendor": {
"name": "GitLab",
"scada": false
}
}
},
{
"description": "GitLab Community Edition (CE) et Enterprise Edition (EE) versions 19.0.x ant\u00e9rieures \u00e0 19.0.2",
"product": {
"name": "GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE)",
"vendor": {
"name": "GitLab",
"scada": false
}
}
},
{
"description": "GitLab Community Edition (CE) et Enterprise Edition (EE) versions 18.11.x ant\u00e9rieures \u00e0 18.11.5",
"product": {
"name": "GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE)",
"vendor": {
"name": "GitLab",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-7250",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7250"
},
{
"name": "CVE-2026-8589",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8589"
},
{
"name": "CVE-2026-9694",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9694"
},
{
"name": "CVE-2026-6269",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6269"
},
{
"name": "CVE-2026-3553",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3553"
},
{
"name": "CVE-2026-6976",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6976"
},
{
"name": "CVE-2026-6277",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6277"
},
{
"name": "CVE-2026-9204",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9204"
},
{
"name": "CVE-2026-10087",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-10087"
},
{
"name": "CVE-2026-1500",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1500"
},
{
"name": "CVE-2026-6552",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6552"
},
{
"name": "CVE-2026-10733",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-10733"
}
],
"initial_release_date": "2026-06-11T00:00:00",
"last_revision_date": "2026-06-11T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0733",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-06-11T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans GitLab. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de service \u00e0 distance et une falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF).",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans GitLab",
"vendor_advisories": [
{
"published_at": "2026-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 GitLab",
"url": "https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-0-2-released/"
}
]
}
CVE-2026-10087 (GCVE-0-2026-10087)
Vulnerability from cvelistv5 – Published: 2026-06-11 10:19 – Updated: 2026-06-11 12:39
VLAI
EPSS
Title
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
Summary
GitLab has remediated an issue in GitLab EE affecting all versions from 17.1 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with developer-role permissions to execute arbitrary client-side code on behalf of a targeted user due to improper input sanitization in the Analytics Dashboard.
Severity
8.7 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://gitlab.com/gitlab-org/gitlab/-/work_items… | |
| https://hackerone.com/reports/3759090 | technical-descriptionexploitpermissions-required |
| https://about.gitlab.com/releases/2026/06/10/patc… |
Impacted products
Credits
Thanks [yvvdwf](https://hackerone.com/yvvdwf) for reporting this vulnerability through our HackerOne bug bounty program
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-10087",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-11T12:39:39.206911Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T12:39:51.628Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "18.10.8",
"status": "affected",
"version": "17.1",
"versionType": "semver"
},
{
"lessThan": "18.11.5",
"status": "affected",
"version": "18.11",
"versionType": "semver"
},
{
"lessThan": "19.0.2",
"status": "affected",
"version": "19.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanks [yvvdwf](https://hackerone.com/yvvdwf) for reporting this vulnerability through our HackerOne bug bounty program"
}
],
"descriptions": [
{
"lang": "en",
"value": "GitLab has remediated an issue in GitLab EE affecting all versions from 17.1 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with developer-role permissions to execute arbitrary client-side code on behalf of a targeted user due to improper input sanitization in the Analytics Dashboard."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T10:19:41.424Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/601633"
},
{
"name": "HackerOne Bug Bounty Report #3759090",
"tags": [
"technical-description",
"exploit",
"permissions-required"
],
"url": "https://hackerone.com/reports/3759090"
},
{
"url": "https://about.gitlab.com/releases/2026/06/10/patch-release-gitlab-19-0-2-released/"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to versions 18.10.8, 18.11.5, 19.0.2 or above."
}
],
"title": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2026-10087",
"datePublished": "2026-06-11T10:19:41.424Z",
"dateReserved": "2026-05-29T12:04:44.827Z",
"dateUpdated": "2026-06-11T12:39:51.628Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-10733 (GCVE-0-2026-10733)
Vulnerability from cvelistv5 – Published: 2026-06-11 10:19 – Updated: 2026-06-11 12:40
VLAI
EPSS
Title
Improper Restriction of Rendered UI Layers or Frames in GitLab
Summary
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.0 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that could have allowed an authenticated user to cause denial of service on the CI/CD Catalog page due to improper sanitization.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1021 - Improper Restriction of Rendered UI Layers or Frames
Assigner
References
Impacted products
Credits
This vulnerability has been discovered internally by GitLab team member Miguel Jimeno
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-10733",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-11T12:40:15.077741Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T12:40:20.729Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "18.10.8",
"status": "affected",
"version": "17.0",
"versionType": "semver"
},
{
"lessThan": "18.11.5",
"status": "affected",
"version": "18.11",
"versionType": "semver"
},
{
"lessThan": "19.0.2",
"status": "affected",
"version": "19.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "This vulnerability has been discovered internally by GitLab team member Miguel Jimeno"
}
],
"descriptions": [
{
"lang": "en",
"value": "GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.0 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that could have allowed an authenticated user to cause denial of service on the CI/CD Catalog page due to improper sanitization."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1021",
"description": "CWE-1021: Improper Restriction of Rendered UI Layers or Frames",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T10:19:27.101Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/600446"
},
{
"url": "https://about.gitlab.com/releases/2026/06/10/patch-release-gitlab-19-0-2-released/"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to versions 18.10.8, 18.11.5, 19.0.2 or above."
}
],
"title": "Improper Restriction of Rendered UI Layers or Frames in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2026-10733",
"datePublished": "2026-06-11T10:19:27.101Z",
"dateReserved": "2026-06-03T12:34:00.436Z",
"dateUpdated": "2026-06-11T12:40:20.729Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1500 (GCVE-0-2026-1500)
Vulnerability from cvelistv5 – Published: 2026-06-11 10:21 – Updated: 2026-06-11 12:20
VLAI
EPSS
Title
Allocation of Resources Without Limits or Throttling in GitLab
Summary
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user to cause denial of service due to uncontrolled resource consumption when processing a specially crafted file upload.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://hackerone.com/reports/3517331 | technical-descriptionexploitpermissions-required |
| https://gitlab.com/gitlab-org/gitlab/-/work_items… | |
| https://about.gitlab.com/releases/2026/06/10/patc… |
Impacted products
Credits
Thanks [a92847865](https://hackerone.com/a92847865) for reporting this vulnerability through our HackerOne bug bounty program
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1500",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-11T12:18:11.879672Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T12:20:51.347Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "18.10.8",
"status": "affected",
"version": "17.10",
"versionType": "semver"
},
{
"lessThan": "18.11.5",
"status": "affected",
"version": "18.11",
"versionType": "semver"
},
{
"lessThan": "19.0.2",
"status": "affected",
"version": "19.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanks [a92847865](https://hackerone.com/a92847865) for reporting this vulnerability through our HackerOne bug bounty program"
}
],
"descriptions": [
{
"lang": "en",
"value": "GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user to cause denial of service due to uncontrolled resource consumption when processing a specially crafted file upload."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T10:21:51.428Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"name": "HackerOne Bug Bounty Report #3517331",
"tags": [
"technical-description",
"exploit",
"permissions-required"
],
"url": "https://hackerone.com/reports/3517331"
},
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/587825"
},
{
"url": "https://about.gitlab.com/releases/2026/06/10/patch-release-gitlab-19-0-2-released/"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to versions 18.10.8, 18.11.5, 19.0.2 or above."
}
],
"title": "Allocation of Resources Without Limits or Throttling in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2026-1500",
"datePublished": "2026-06-11T10:21:51.428Z",
"dateReserved": "2026-01-27T18:04:29.176Z",
"dateUpdated": "2026-06-11T12:20:51.347Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-3553 (GCVE-0-2026-3553)
Vulnerability from cvelistv5 – Published: 2026-06-11 10:21 – Updated: 2026-06-11 12:28
VLAI
EPSS
Title
Incorrect Authorization in GitLab
Summary
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.0 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user to access confidential issue details due to incorrect authorization checks.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://hackerone.com/reports/3578216 | technical-descriptionexploitpermissions-required |
| https://gitlab.com/gitlab-org/gitlab/-/work_items… | |
| https://about.gitlab.com/releases/2026/06/10/patc… |
Impacted products
Credits
Thanks [go7f0](https://hackerone.com/go7f0) for reporting this vulnerability through our HackerOne bug bounty program
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-3553",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-11T12:28:17.019689Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T12:28:57.450Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "18.10.8",
"status": "affected",
"version": "12.0",
"versionType": "semver"
},
{
"lessThan": "18.11.5",
"status": "affected",
"version": "18.11",
"versionType": "semver"
},
{
"lessThan": "19.0.2",
"status": "affected",
"version": "19.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanks [go7f0](https://hackerone.com/go7f0) for reporting this vulnerability through our HackerOne bug bounty program"
}
],
"descriptions": [
{
"lang": "en",
"value": "GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.0 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user to access confidential issue details due to incorrect authorization checks."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T10:21:26.429Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"name": "HackerOne Bug Bounty Report #3578216",
"tags": [
"technical-description",
"exploit",
"permissions-required"
],
"url": "https://hackerone.com/reports/3578216"
},
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/592295"
},
{
"url": "https://about.gitlab.com/releases/2026/06/10/patch-release-gitlab-19-0-2-released/"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to versions 18.10.8, 18.11.5, 19.0.2 or above."
}
],
"title": "Incorrect Authorization in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2026-3553",
"datePublished": "2026-06-11T10:21:26.429Z",
"dateReserved": "2026-03-04T19:03:38.508Z",
"dateUpdated": "2026-06-11T12:28:57.450Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-6269 (GCVE-0-2026-6269)
Vulnerability from cvelistv5 – Published: 2026-06-11 10:20 – Updated: 2026-06-11 12:30
VLAI
EPSS
Title
Incorrect Authorization in GitLab
Summary
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with developer-role permissions to modify hidden merge requests due to incorrect authorization enforcements.
Severity
5.4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://gitlab.com/gitlab-org/gitlab/-/work_items… | |
| https://hackerone.com/reports/3661880 | technical-descriptionexploitpermissions-required |
| https://about.gitlab.com/releases/2026/06/10/patc… |
Impacted products
Credits
Thanks [rogerace](https://hackerone.com/rogerace) for reporting this vulnerability through our HackerOne bug bounty program
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-6269",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-11T12:29:55.738457Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T12:30:06.368Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "18.10.8",
"status": "affected",
"version": "15.10",
"versionType": "semver"
},
{
"lessThan": "18.11.5",
"status": "affected",
"version": "18.11",
"versionType": "semver"
},
{
"lessThan": "19.0.2",
"status": "affected",
"version": "19.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanks [rogerace](https://hackerone.com/rogerace) for reporting this vulnerability through our HackerOne bug bounty program"
}
],
"descriptions": [
{
"lang": "en",
"value": "GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with developer-role permissions to modify hidden merge requests due to incorrect authorization enforcements."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T10:20:41.430Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/596625"
},
{
"name": "HackerOne Bug Bounty Report #3661880",
"tags": [
"technical-description",
"exploit",
"permissions-required"
],
"url": "https://hackerone.com/reports/3661880"
},
{
"url": "https://about.gitlab.com/releases/2026/06/10/patch-release-gitlab-19-0-2-released/"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to versions 18.10.8, 18.11.5, 19.0.2 or above."
}
],
"title": "Incorrect Authorization in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2026-6269",
"datePublished": "2026-06-11T10:20:41.430Z",
"dateReserved": "2026-04-14T11:04:04.629Z",
"dateUpdated": "2026-06-11T12:30:06.368Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-6277 (GCVE-0-2026-6277)
Vulnerability from cvelistv5 – Published: 2026-06-11 10:20 – Updated: 2026-06-11 12:31
VLAI
EPSS
Title
Incorrect Authorization in GitLab
Summary
GitLab has remediated an issue in GitLab EE affecting all versions from 13.9 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with Security Manager-role permissions to manage project security configuration even when the relevant feature was in a disabled state, due to incorrect authorization enforcement.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://gitlab.com/gitlab-org/gitlab/-/work_items… | |
| https://hackerone.com/reports/3662615 | technical-descriptionexploitpermissions-required |
| https://about.gitlab.com/releases/2026/06/10/patc… |
Impacted products
Credits
Thanks [mateuszek](https://hackerone.com/mateuszek) for reporting this vulnerability through our HackerOne bug bounty program
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-6277",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-11T12:30:20.404806Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T12:31:03.704Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "18.10.8",
"status": "affected",
"version": "13.9",
"versionType": "semver"
},
{
"lessThan": "18.11.5",
"status": "affected",
"version": "18.11",
"versionType": "semver"
},
{
"lessThan": "19.0.2",
"status": "affected",
"version": "19.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanks [mateuszek](https://hackerone.com/mateuszek) for reporting this vulnerability through our HackerOne bug bounty program"
}
],
"descriptions": [
{
"lang": "en",
"value": "GitLab has remediated an issue in GitLab EE affecting all versions from 13.9 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with Security Manager-role permissions to manage project security configuration even when the relevant feature was in a disabled state, due to incorrect authorization enforcement."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T10:20:31.429Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/596656"
},
{
"name": "HackerOne Bug Bounty Report #3662615",
"tags": [
"technical-description",
"exploit",
"permissions-required"
],
"url": "https://hackerone.com/reports/3662615"
},
{
"url": "https://about.gitlab.com/releases/2026/06/10/patch-release-gitlab-19-0-2-released/"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to versions 18.10.8, 18.11.5, 19.0.2 or above."
}
],
"title": "Incorrect Authorization in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2026-6277",
"datePublished": "2026-06-11T10:20:31.429Z",
"dateReserved": "2026-04-14T14:05:32.198Z",
"dateUpdated": "2026-06-11T12:31:03.704Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-6552 (GCVE-0-2026-6552)
Vulnerability from cvelistv5 – Published: 2026-06-11 10:20 – Updated: 2026-06-12 03:55
VLAI
EPSS
Title
Authorization Bypass Through User-Controlled Key in GitLab
Summary
GitLab has remediated an issue in GitLab EE affecting all versions from 15.5 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with group Owner role to take over another group member's GitLab account due to improper authorization in the Group SAML identity management functionality.
Severity
8.7 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://gitlab.com/gitlab-org/gitlab/-/work_items… | |
| https://hackerone.com/reports/3655189 | technical-descriptionexploitpermissions-required |
| https://about.gitlab.com/releases/2026/06/10/patc… |
Impacted products
Credits
Thanks [cyberjoker](https://hackerone.com/cyberjoker) for reporting this vulnerability through our HackerOne bug bounty program
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-6552",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-11T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T03:55:25.275Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "18.10.8",
"status": "affected",
"version": "15.5",
"versionType": "semver"
},
{
"lessThan": "18.11.5",
"status": "affected",
"version": "18.11",
"versionType": "semver"
},
{
"lessThan": "19.0.2",
"status": "affected",
"version": "19.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanks [cyberjoker](https://hackerone.com/cyberjoker) for reporting this vulnerability through our HackerOne bug bounty program"
}
],
"descriptions": [
{
"lang": "en",
"value": "GitLab has remediated an issue in GitLab EE affecting all versions from 15.5 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with group Owner role to take over another group member\u0027s GitLab account due to improper authorization in the Group SAML identity management functionality."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639: Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T10:20:21.427Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/597295"
},
{
"name": "HackerOne Bug Bounty Report #3655189",
"tags": [
"technical-description",
"exploit",
"permissions-required"
],
"url": "https://hackerone.com/reports/3655189"
},
{
"url": "https://about.gitlab.com/releases/2026/06/10/patch-release-gitlab-19-0-2-released/"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to versions 18.10.8, 18.11.5, 19.0.2 or above."
}
],
"title": "Authorization Bypass Through User-Controlled Key in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2026-6552",
"datePublished": "2026-06-11T10:20:21.427Z",
"dateReserved": "2026-04-17T21:34:28.848Z",
"dateUpdated": "2026-06-12T03:55:25.275Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-6976 (GCVE-0-2026-6976)
Vulnerability from cvelistv5 – Published: 2026-06-11 10:20 – Updated: 2026-06-11 12:33
VLAI
EPSS
Title
Authorization Bypass Through User-Controlled Key in GitLab
Summary
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.9 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with developer-role permissions to hide changes from merge request diff views due to improper input handling of file names.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://gitlab.com/gitlab-org/gitlab/-/work_items… | |
| https://hackerone.com/reports/3638136 | technical-descriptionexploitpermissions-required |
| https://about.gitlab.com/releases/2026/06/10/patc… |
Impacted products
Credits
Thanks [xorz](https://hackerone.com/xorz) for reporting this vulnerability through our HackerOne bug bounty program
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-6976",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-11T12:33:12.743514Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T12:33:23.414Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "18.10.8",
"status": "affected",
"version": "15.9",
"versionType": "semver"
},
{
"lessThan": "18.11.5",
"status": "affected",
"version": "18.11",
"versionType": "semver"
},
{
"lessThan": "19.0.2",
"status": "affected",
"version": "19.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanks [xorz](https://hackerone.com/xorz) for reporting this vulnerability through our HackerOne bug bounty program"
}
],
"descriptions": [
{
"lang": "en",
"value": "GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.9 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with developer-role permissions to hide changes from merge request diff views due to improper input handling of file names."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639: Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T10:20:11.436Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/598165"
},
{
"name": "HackerOne Bug Bounty Report #3638136",
"tags": [
"technical-description",
"exploit",
"permissions-required"
],
"url": "https://hackerone.com/reports/3638136"
},
{
"url": "https://about.gitlab.com/releases/2026/06/10/patch-release-gitlab-19-0-2-released/"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to versions 18.10.8, 18.11.5, 19.0.2 or above."
}
],
"title": "Authorization Bypass Through User-Controlled Key in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2026-6976",
"datePublished": "2026-06-11T10:20:11.436Z",
"dateReserved": "2026-04-24T18:33:29.831Z",
"dateUpdated": "2026-06-11T12:33:23.414Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-7250 (GCVE-0-2026-7250)
Vulnerability from cvelistv5 – Published: 2026-06-11 10:20 – Updated: 2026-06-11 12:27
VLAI
EPSS
Title
Allocation of Resources Without Limits or Throttling in GitLab
Summary
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an unauthenticated user to cause denial of service due to improper input validation in the API request parsing middleware.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://gitlab.com/gitlab-org/gitlab/-/work_items… | |
| https://hackerone.com/reports/3671995 | technical-descriptionexploitpermissions-required |
| https://about.gitlab.com/releases/2026/06/10/patc… |
Impacted products
Credits
Thanks [svalkanov](https://hackerone.com/svalkanov) for reporting this vulnerability through our HackerOne bug bounty program
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-7250",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-11T12:26:59.036767Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T12:27:15.170Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "18.10.8",
"status": "affected",
"version": "12.10",
"versionType": "semver"
},
{
"lessThan": "18.11.5",
"status": "affected",
"version": "18.11",
"versionType": "semver"
},
{
"lessThan": "19.0.2",
"status": "affected",
"version": "19.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanks [svalkanov](https://hackerone.com/svalkanov) for reporting this vulnerability through our HackerOne bug bounty program"
}
],
"descriptions": [
{
"lang": "en",
"value": "GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an unauthenticated user to cause denial of service due to improper input validation in the API request parsing middleware."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T10:20:06.443Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/598311"
},
{
"name": "HackerOne Bug Bounty Report #3671995",
"tags": [
"technical-description",
"exploit",
"permissions-required"
],
"url": "https://hackerone.com/reports/3671995"
},
{
"url": "https://about.gitlab.com/releases/2026/06/10/patch-release-gitlab-19-0-2-released/"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to versions 18.10.8, 18.11.5, 19.0.2 or above."
}
],
"title": "Allocation of Resources Without Limits or Throttling in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2026-7250",
"datePublished": "2026-06-11T10:20:06.443Z",
"dateReserved": "2026-04-27T18:33:17.352Z",
"dateUpdated": "2026-06-11T12:27:15.170Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-8589 (GCVE-0-2026-8589)
Vulnerability from cvelistv5 – Published: 2026-06-11 10:20 – Updated: 2026-06-11 12:28
VLAI
EPSS
Title
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
Summary
GitLab has remediated an issue in GitLab EE affecting all versions from 13.1.4 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user to add unauthorized email addresses to a targeted user's account due to improper sanitization of user-supplied input in certain group setting fields.
Severity
7.3 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://gitlab.com/gitlab-org/gitlab/-/work_items… | |
| https://hackerone.com/reports/3722842 | technical-descriptionexploitpermissions-required |
| https://about.gitlab.com/releases/2026/06/10/patc… |
Impacted products
Credits
Thanks [go7f0](https://hackerone.com/go7f0) for reporting this vulnerability through our HackerOne bug bounty program
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-8589",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-11T12:27:53.213287Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T12:28:51.255Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "18.10.8",
"status": "affected",
"version": "13.1.4",
"versionType": "semver"
},
{
"lessThan": "18.11.5",
"status": "affected",
"version": "18.11",
"versionType": "semver"
},
{
"lessThan": "19.0.2",
"status": "affected",
"version": "19.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanks [go7f0](https://hackerone.com/go7f0) for reporting this vulnerability through our HackerOne bug bounty program"
}
],
"descriptions": [
{
"lang": "en",
"value": "GitLab has remediated an issue in GitLab EE affecting all versions from 13.1.4 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user to add unauthorized email addresses to a targeted user\u0027s account due to improper sanitization of user-supplied input in certain group setting fields."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T10:20:01.515Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/600099"
},
{
"name": "HackerOne Bug Bounty Report #3722842",
"tags": [
"technical-description",
"exploit",
"permissions-required"
],
"url": "https://hackerone.com/reports/3722842"
},
{
"url": "https://about.gitlab.com/releases/2026/06/10/patch-release-gitlab-19-0-2-released/"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to versions 18.10.8, 18.11.5, 19.0.2 or above."
}
],
"title": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2026-8589",
"datePublished": "2026-06-11T10:20:01.515Z",
"dateReserved": "2026-05-14T08:04:55.813Z",
"dateUpdated": "2026-06-11T12:28:51.255Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…