Vulnerability-Lookup

CVE-2026-11379 (GCVE-0-2026-11379)

Vulnerability from cvelistv5 – Published: 2026-06-25 04:33 – Updated: 2026-06-25 13:11

Title

Incorrect Authorization in GitLab

Summary

GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 prior to 18.11.6, 19.0 prior to 19.0.3, and 19.1 prior to 19.1.1 in which incorrect authorization in DAST site profile management could allow a user with Developer role to exfiltrate DAST site profile secrets under certain conditions.

Severity

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-863 - Incorrect Authorization

Assigner

GitLab

References

2 references

URL	Tags
https://gitlab.com/gitlab-org/gitlab/-/work_items…
https://docs.gitlab.com/releases/patches/patch-re…

Impacted products

1 product

Vendor	Product	Version
GitLab	GitLab	Affected: 13.11 , < 18.11.6 (semver) Affected: 19.0 , < 19.0.3 (semver) Affected: 19.1 , < 19.1.1 (semver) cpe:2.3:a:gitlab:gitlab::::::::

Credits

This vulnerability has been discovered internally by GitLab team member David Nelson

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-11379",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-25T13:10:02.747596Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-25T13:11:32.968Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "GitLab",
          "repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
          "vendor": "GitLab",
          "versions": [
            {
              "lessThan": "18.11.6",
              "status": "affected",
              "version": "13.11",
              "versionType": "semver"
            },
            {
              "lessThan": "19.0.3",
              "status": "affected",
              "version": "19.0",
              "versionType": "semver"
            },
            {
              "lessThan": "19.1.1",
              "status": "affected",
              "version": "19.1",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "This vulnerability has been discovered internally by GitLab team member David Nelson"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 prior to 18.11.6, 19.0 prior to 19.0.3, and 19.1 prior to 19.1.1 in which incorrect authorization in DAST site profile management could allow a user with Developer role to exfiltrate DAST site profile secrets under certain conditions."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "CWE-863: Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-25T04:33:49.041Z",
        "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "shortName": "GitLab"
      },
      "references": [
        {
          "url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/517659"
        },
        {
          "url": "https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-1-released/"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Upgrade to versions 18.11.6, 19.0.3, 19.1.1 or above."
        }
      ],
      "title": "Incorrect Authorization in GitLab"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
    "assignerShortName": "GitLab",
    "cveId": "CVE-2026-11379",
    "datePublished": "2026-06-25T04:33:49.041Z",
    "dateReserved": "2026-06-05T12:50:38.119Z",
    "dateUpdated": "2026-06-25T13:11:32.968Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-11379",
      "date": "2026-06-25",
      "epss": "0.00188",
      "percentile": "0.0855"
    },
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-11379\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-06-25T13:10:02.747596Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-06-25T13:10:37.803Z\"}}], \"cna\": {\"title\": \"Incorrect Authorization in GitLab\", \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"This vulnerability has been discovered internally by GitLab team member David Nelson\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*\"], \"repo\": \"git://git@gitlab.com:gitlab-org/gitlab.git\", \"vendor\": \"GitLab\", \"product\": \"GitLab\", \"versions\": [{\"status\": \"affected\", \"version\": \"13.11\", \"lessThan\": \"18.11.6\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"19.0\", \"lessThan\": \"19.0.3\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"19.1\", \"lessThan\": \"19.1.1\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Upgrade to versions 18.11.6, 19.0.3, 19.1.1 or above.\"}], \"references\": [{\"url\": \"https://gitlab.com/gitlab-org/gitlab/-/work_items/517659\"}, {\"url\": \"https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-1-released/\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 prior to 18.11.6, 19.0 prior to 19.0.3, and 19.1 prior to 19.1.1 in which incorrect authorization in DAST site profile management could allow a user with Developer role to exfiltrate DAST site profile secrets under certain conditions.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-863\", \"description\": \"CWE-863: Incorrect Authorization\"}]}], \"providerMetadata\": {\"orgId\": \"ceab7361-8a18-47b1-92ba-4d7d25f6715a\", \"shortName\": \"GitLab\", \"dateUpdated\": \"2026-06-25T04:33:49.041Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-11379\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-06-25T13:11:32.968Z\", \"dateReserved\": \"2026-06-05T12:50:38.119Z\", \"assignerOrgId\": \"ceab7361-8a18-47b1-92ba-4d7d25f6715a\", \"datePublished\": \"2026-06-25T04:33:49.041Z\", \"assignerShortName\": \"GitLab\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

CERTFR-2026-AVI-0799

Vulnerability from certfr_avis - Published: 2026-06-25 - Updated: 2026-06-25

De multiples vulnérabilités ont été découvertes dans GitLab. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une falsification de requêtes côté serveur (SSRF) et une injection de code indirecte à distance (XSS).

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
GitLab	GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE)	GitLab Community Edition (CE) et Enterprise Edition (EE) versions 19.1.x antérieures à 19.1.1
GitLab	GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE)	GitLab Community Edition (CE) et Enterprise Edition (EE) versions antérieures à 18.11.6
GitLab	GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE)	GitLab Community Edition (CE) et Enterprise Edition (EE) versions 19.0.x antérieures à 19.0.3

References

Title

Publication Time

GHSA-9MC7-W3H9-CMMF

Vulnerability from github – Published: 2026-06-25 06:30 – Updated: 2026-06-25 06:30

Details

Severity

5.3 (Medium)


                  
                    CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2026-11379"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-863"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-25T05:16:50Z",
    "severity": "MODERATE"
  },
  "details": "GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 prior to 18.11.6, 19.0 prior to 19.0.3, and 19.1 prior to 19.1.1 in which incorrect authorization in DAST site profile management could allow a user with Developer role to exfiltrate DAST site profile secrets under certain conditions.",
  "id": "GHSA-9mc7-w3h9-cmmf",
  "modified": "2026-06-25T06:30:42Z",
  "published": "2026-06-25T06:30:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-11379"
    },
    {
      "type": "WEB",
      "url": "https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-1-released"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/517659"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

NCSC-2026-0211

Vulnerability from csaf_ncscnl - Published: 2026-06-25 11:26 - Updated: 2026-06-25 11:26

Summary

Kwetsbaarheden verholpen in GitLab Community Edition en Enterprise Edition

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten: GitLab Inc. heeft meerdere kwetsbaarheden verholpen in GitLab Enterprise Edition (EE) en andere GitLab versies, specifiek in releases van versie 8.3 tot en met 19.1.1, met nadruk op versies rond 18.11.6, 19.0.3 en 19.1.1.

Interpretaties: De kwetsbaarheden betreffen verschillende onderdelen van GitLab, waaronder de package management system, DAST site profile management, CI/CD API endpoints, Snippet feature, mirror synchronisatie, en project issue tracking. Diverse problemen zijn gerelateerd aan onjuiste autorisatiecontroles, onvoldoende validatie van input en output, en onjuiste filtering van gevoelige data. Hierdoor kunnen gebruikers met beperkte of geauthenticeerde rechten onder andere: - toegang krijgen tot metadata van pakketten ondanks uitgeschakelde registraties, - beveiligingsregels voor pakketten omzeilen en metadata overschrijven, - geheimen uit DAST site profielen uitlezen, - cross-site scripting (XSS) aanvallen uitvoeren via onvoldoende padvalidatie en input sanitatie, - beschermde omgevingsconfiguraties benaderen of wijzigen ondanks zichtbaarheid-instellingen, - verborgen of ongeautoriseerde inhoud in Snippets plaatsen, - gevoelige projectinformatie inzien zonder juiste rechten, - client-side code injecteren in sessies van andere gebruikers, - gevoelige informatie in logs laten verschijnen door onvoldoende filtering, - vertrouwelijke issue-referenties op publieke projecten benaderen zonder authenticatie, - interne netwerkresources benaderen via mirror synchronisatie door onvoldoende URL-validatie, - en virtuele registry cleanup policies van andere groepen aanpassen door onvoldoende toegangscontrole. Deze kwetsbaarheden zijn aanwezig in meerdere opeenvolgende versies van GitLab en betreffen zowel authenticatie- als autorisatieproblemen, alsmede input- en outputvalidatie.

Oplossingen: GitLab heeft updates en patches uitgebracht voor de genoemde versies om de diverse kwetsbaarheden te verhelpen door verbeterde autorisatiecontroles, input- en outputvalidatie, en filtering van gevoelige data te implementeren. Zie bijgevoegde referenties voor meer informatie.

Kans: medium

Schade: high

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-94: Improper Control of Generation of Code ('Code Injection')

CWE-350: Reliance on Reverse DNS Resolution for a Security-Critical Action

CWE-532: Insertion of Sensitive Information into Log File

CWE-639: Authorization Bypass Through User-Controlled Key

CWE-862: Missing Authorization

CWE-863: Incorrect Authorization

CVE-2026-5796

GitLab addressed a security flaw in versions 13.6 to before 18.11.6, 19.0 to before 19.0.3, and 19.1 to before 19.1.1 where Reporter-level users could access package metadata from projects with the Package Registry disabled due to improper authorization in the group packages feature.

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE-863 - Incorrect Authorization

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
vers:unknown/* GitLab / Community Edition, Enterprise Edition		vers:unknown/*

CVE-2026-5952

GitLab versions prior to 18.11.6, 19.0.3, and 19.1.1 contained a security flaw allowing authenticated developers to bypass package protection rules and overwrite protected Maven package metadata due to improper authorization checks.

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

CWE-863 - Incorrect Authorization

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
vers:unknown/* GitLab / Community Edition, Enterprise Edition		vers:unknown/*

CVE-2026-11379

GitLab fixed an authorization vulnerability in GitLab EE versions 13.11 to 19.1.1 that allowed users with Developer roles to improperly access and exfiltrate DAST site profile secrets.

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-863 - Incorrect Authorization

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
vers:unknown/* GitLab / Community Edition, Enterprise Edition		vers:unknown/*

CVE-2026-10712

GitLab addressed a security flaw in versions 18.10 to before 18.11.6, 19.0 to before 19.0.3, and 19.1 to before 19.1.1 that allowed unauthenticated users to execute arbitrary JavaScript via improper path validation.

8.0 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
vers:unknown/* GitLab / Community Edition, Enterprise Edition		vers:unknown/*

CVE-2026-0934

GitLab addressed a security vulnerability in GitLab EE versions prior to 18.11.6, 19.0.3, and 19.1.1 that allowed authenticated users with custom role permissions to access or modify protected environment configurations despite CI/CD visibility being disabled.

3.8 (Low)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

CWE-863 - Incorrect Authorization

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
vers:unknown/* GitLab / Community Edition, Enterprise Edition		vers:unknown/*

CVE-2026-1606

GitLab addressed a vulnerability in versions 14.8 to before 18.11.6, 19.0 to before 19.0.3, and 19.1 to before 19.1.1 that allowed authenticated users to conceal content within Snippets due to improper input validation.

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

CWE-94 - Improper Control of Generation of Code ('Code Injection')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
vers:unknown/* GitLab / Community Edition, Enterprise Edition		vers:unknown/*

CVE-2026-3176

GitLab addressed a security flaw in GitLab EE versions 18.6 to before 18.11.6, 19.0 to before 19.0.3, and 19.1 to before 19.1.1 that allowed authenticated users with limited permissions to improperly access project information due to insufficient authorization checks.

3.1 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE-862 - Missing Authorization

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
vers:unknown/* GitLab / Community Edition, Enterprise Edition		vers:unknown/*

CVE-2026-10086

GitLab addressed a security flaw in multiple Enterprise Edition versions that allowed authenticated developers to execute arbitrary client-side code in other users' sessions due to improper input sanitization.

8.7 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
vers:unknown/* GitLab / Community Edition, Enterprise Edition		vers:unknown/*

CVE-2026-12053

GitLab addressed a security vulnerability in GitLab EE versions 19.1 to before 19.1.1 where insufficient output filtering in Duo Workflows could expose sensitive committed project information to unauthorized users.

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

CWE-532 - Insertion of Sensitive Information into Log File

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
vers:unknown/* GitLab / Community Edition, Enterprise Edition		vers:unknown/*

CVE-2026-8330

GitLab addressed a vulnerability in multiple versions where sensitive information could be exposed in application logs due to insufficient filtering in a CI/CD API endpoint.

4.4 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

CWE-532 - Insertion of Sensitive Information into Log File

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
vers:unknown/* GitLab / Community Edition, Enterprise Edition		vers:unknown/*

CVE-2026-2238

GitLab addressed a security flaw in versions 17.5 to before 18.11.6, 19.0 to before 19.0.3, and 19.1 to before 19.1.1 that allowed unauthenticated users to access confidential issue references on public projects due to improper authorization checks.

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE-862 - Missing Authorization

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
vers:unknown/* GitLab / Community Edition, Enterprise Edition		vers:unknown/*

CVE-2026-12635

GitLab versions 8.3 to before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 contain a vulnerability where authenticated maintainers can exploit improper URL validation to access internal network resources via mirror synchronization.

0.0 (None)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N

CWE-350 - Reliance on Reverse DNS Resolution for a Security-Critical Action

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
vers:unknown/* GitLab / Community Edition, Enterprise Edition		vers:unknown/*

CVE-2026-5309

GitLab addressed a security vulnerability in specific GitLab EE versions that permitted authenticated users to improperly access or alter another group's virtual registry cleanup policy settings.

5.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

CWE-639 - Authorization Bypass Through User-Controlled Key

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
vers:unknown/* GitLab / Community Edition, Enterprise Edition		vers:unknown/*

References

14 references

URL	Category
https://docs.gitlab.com/releases/patches/patch-re…	external
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "GitLab Inc. heeft meerdere kwetsbaarheden verholpen in GitLab Enterprise Edition (EE) en andere GitLab versies, specifiek in releases van versie 8.3 tot en met 19.1.1, met nadruk op versies rond 18.11.6, 19.0.3 en 19.1.1.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "De kwetsbaarheden betreffen verschillende onderdelen van GitLab, waaronder de package management system, DAST site profile management, CI/CD API endpoints, Snippet feature, mirror synchronisatie, en project issue tracking. Diverse problemen zijn gerelateerd aan onjuiste autorisatiecontroles, onvoldoende validatie van input en output, en onjuiste filtering van gevoelige data. Hierdoor kunnen gebruikers met beperkte of geauthenticeerde rechten onder andere: \n- toegang krijgen tot metadata van pakketten ondanks uitgeschakelde registraties,\n- beveiligingsregels voor pakketten omzeilen en metadata overschrijven,\n- geheimen uit DAST site profielen uitlezen,\n- cross-site scripting (XSS) aanvallen uitvoeren via onvoldoende padvalidatie en input sanitatie,\n- beschermde omgevingsconfiguraties benaderen of wijzigen ondanks zichtbaarheid-instellingen,\n- verborgen of ongeautoriseerde inhoud in Snippets plaatsen,\n- gevoelige projectinformatie inzien zonder juiste rechten,\n- client-side code injecteren in sessies van andere gebruikers,\n- gevoelige informatie in logs laten verschijnen door onvoldoende filtering,\n- vertrouwelijke issue-referenties op publieke projecten benaderen zonder authenticatie,\n- interne netwerkresources benaderen via mirror synchronisatie door onvoldoende URL-validatie,\n- en virtuele registry cleanup policies van andere groepen aanpassen door onvoldoende toegangscontrole.\nDeze kwetsbaarheden zijn aanwezig in meerdere opeenvolgende versies van GitLab en betreffen zowel authenticatie- als autorisatieproblemen, alsmede input- en outputvalidatie.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "GitLab heeft updates en patches uitgebracht voor de genoemde versies om de diverse kwetsbaarheden te verhelpen door verbeterde autorisatiecontroles, input- en outputvalidatie, en filtering van gevoelige data te implementeren. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
        "title": "CWE-79"
      },
      {
        "category": "general",
        "text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
        "title": "CWE-94"
      },
      {
        "category": "general",
        "text": "Reliance on Reverse DNS Resolution for a Security-Critical Action",
        "title": "CWE-350"
      },
      {
        "category": "general",
        "text": "Insertion of Sensitive Information into Log File",
        "title": "CWE-532"
      },
      {
        "category": "general",
        "text": "Authorization Bypass Through User-Controlled Key",
        "title": "CWE-639"
      },
      {
        "category": "general",
        "text": "Missing Authorization",
        "title": "CWE-862"
      },
      {
        "category": "general",
        "text": "Incorrect Authorization",
        "title": "CWE-863"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-1-released/"
      }
    ],
    "title": "Kwetsbaarheden verholpen in GitLab Community Edition en Enterprise Edition",
    "tracking": {
      "current_release_date": "2026-06-25T11:26:42.766764Z",
      "generator": {
        "date": "2025-08-04T16:30:00Z",
        "engine": {
          "name": "V.A.",
          "version": "1.3"
        }
      },
      "id": "NCSC-2026-0211",
      "initial_release_date": "2026-06-25T11:26:42.766764Z",
      "revision_history": [
        {
          "date": "2026-06-25T11:26:42.766764Z",
          "number": "1.0.0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-1"
                }
              }
            ],
            "category": "product_name",
            "name": "Community Edition, Enterprise Edition"
          }
        ],
        "category": "vendor",
        "name": "GitLab"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-5796",
      "cwe": {
        "id": "CWE-863",
        "name": "Incorrect Authorization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incorrect Authorization",
          "title": "CWE-863"
        },
        {
          "category": "description",
          "text": "GitLab addressed a security flaw in versions 13.6 to before 18.11.6, 19.0 to before 19.0.3, and 19.1 to before 19.1.1 where Reporter-level users could access package metadata from projects with the Package Registry disabled due to improper authorization in the group packages feature.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-5796 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-5796.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1"
          ]
        }
      ],
      "title": "CVE-2026-5796"
    },
    {
      "cve": "CVE-2026-5952",
      "cwe": {
        "id": "CWE-863",
        "name": "Incorrect Authorization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incorrect Authorization",
          "title": "CWE-863"
        },
        {
          "category": "description",
          "text": "GitLab versions prior to 18.11.6, 19.0.3, and 19.1.1 contained a security flaw allowing authenticated developers to bypass package protection rules and overwrite protected Maven package metadata due to improper authorization checks.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-5952 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-5952.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1"
          ]
        }
      ],
      "title": "CVE-2026-5952"
    },
    {
      "cve": "CVE-2026-11379",
      "cwe": {
        "id": "CWE-863",
        "name": "Incorrect Authorization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incorrect Authorization",
          "title": "CWE-863"
        },
        {
          "category": "description",
          "text": "GitLab fixed an authorization vulnerability in GitLab EE versions 13.11 to 19.1.1 that allowed users with Developer roles to improperly access and exfiltrate DAST site profile secrets.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-11379 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-11379.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1"
          ]
        }
      ],
      "title": "CVE-2026-11379"
    },
    {
      "cve": "CVE-2026-10712",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        },
        {
          "category": "description",
          "text": "GitLab addressed a security flaw in versions 18.10 to before 18.11.6, 19.0 to before 19.0.3, and 19.1 to before 19.1.1 that allowed unauthenticated users to execute arbitrary JavaScript via improper path validation.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-10712 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-10712.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1"
          ]
        }
      ],
      "title": "CVE-2026-10712"
    },
    {
      "cve": "CVE-2026-0934",
      "cwe": {
        "id": "CWE-863",
        "name": "Incorrect Authorization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incorrect Authorization",
          "title": "CWE-863"
        },
        {
          "category": "description",
          "text": "GitLab addressed a security vulnerability in GitLab EE versions prior to 18.11.6, 19.0.3, and 19.1.1 that allowed authenticated users with custom role permissions to access or modify protected environment configurations despite CI/CD visibility being disabled.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0934 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0934.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.8,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1"
          ]
        }
      ],
      "title": "CVE-2026-0934"
    },
    {
      "cve": "CVE-2026-1606",
      "cwe": {
        "id": "CWE-94",
        "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
          "title": "CWE-94"
        },
        {
          "category": "description",
          "text": "GitLab addressed a vulnerability in versions 14.8 to before 18.11.6, 19.0 to before 19.0.3, and 19.1 to before 19.1.1 that allowed authenticated users to conceal content within Snippets due to improper input validation.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-1606 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-1606.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1"
          ]
        }
      ],
      "title": "CVE-2026-1606"
    },
    {
      "cve": "CVE-2026-3176",
      "cwe": {
        "id": "CWE-862",
        "name": "Missing Authorization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Authorization",
          "title": "CWE-862"
        },
        {
          "category": "description",
          "text": "GitLab addressed a security flaw in GitLab EE versions 18.6 to before 18.11.6, 19.0 to before 19.0.3, and 19.1 to before 19.1.1 that allowed authenticated users with limited permissions to improperly access project information due to insufficient authorization checks.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-3176 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-3176.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1"
          ]
        }
      ],
      "title": "CVE-2026-3176"
    },
    {
      "cve": "CVE-2026-10086",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        },
        {
          "category": "description",
          "text": "GitLab addressed a security flaw in multiple Enterprise Edition versions that allowed authenticated developers to execute arbitrary client-side code in other users\u0027 sessions due to improper input sanitization.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-10086 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-10086.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1"
          ]
        }
      ],
      "title": "CVE-2026-10086"
    },
    {
      "cve": "CVE-2026-12053",
      "cwe": {
        "id": "CWE-532",
        "name": "Insertion of Sensitive Information into Log File"
      },
      "notes": [
        {
          "category": "other",
          "text": "Insertion of Sensitive Information into Log File",
          "title": "CWE-532"
        },
        {
          "category": "description",
          "text": "GitLab addressed a security vulnerability in GitLab EE versions 19.1 to before 19.1.1 where insufficient output filtering in Duo Workflows could expose sensitive committed project information to unauthorized users.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-12053 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-12053.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1"
          ]
        }
      ],
      "title": "CVE-2026-12053"
    },
    {
      "cve": "CVE-2026-8330",
      "cwe": {
        "id": "CWE-532",
        "name": "Insertion of Sensitive Information into Log File"
      },
      "notes": [
        {
          "category": "other",
          "text": "Insertion of Sensitive Information into Log File",
          "title": "CWE-532"
        },
        {
          "category": "description",
          "text": "GitLab addressed a vulnerability in multiple versions where sensitive information could be exposed in application logs due to insufficient filtering in a CI/CD API endpoint.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-8330 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-8330.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1"
          ]
        }
      ],
      "title": "CVE-2026-8330"
    },
    {
      "cve": "CVE-2026-2238",
      "cwe": {
        "id": "CWE-862",
        "name": "Missing Authorization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Authorization",
          "title": "CWE-862"
        },
        {
          "category": "description",
          "text": "GitLab addressed a security flaw in versions 17.5 to before 18.11.6, 19.0 to before 19.0.3, and 19.1 to before 19.1.1 that allowed unauthenticated users to access confidential issue references on public projects due to improper authorization checks.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-2238 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-2238.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1"
          ]
        }
      ],
      "title": "CVE-2026-2238"
    },
    {
      "cve": "CVE-2026-12635",
      "cwe": {
        "id": "CWE-350",
        "name": "Reliance on Reverse DNS Resolution for a Security-Critical Action"
      },
      "notes": [
        {
          "category": "other",
          "text": "Reliance on Reverse DNS Resolution for a Security-Critical Action",
          "title": "CWE-350"
        },
        {
          "category": "description",
          "text": "GitLab versions 8.3 to before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 contain a vulnerability where authenticated maintainers can exploit improper URL validation to access internal network resources via mirror synchronization.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-12635 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-12635.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 0.0,
            "baseSeverity": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1"
          ]
        }
      ],
      "title": "CVE-2026-12635"
    },
    {
      "cve": "CVE-2026-5309",
      "cwe": {
        "id": "CWE-639",
        "name": "Authorization Bypass Through User-Controlled Key"
      },
      "notes": [
        {
          "category": "other",
          "text": "Authorization Bypass Through User-Controlled Key",
          "title": "CWE-639"
        },
        {
          "category": "description",
          "text": "GitLab addressed a security vulnerability in specific GitLab EE versions that permitted authenticated users to improperly access or alter another group\u0027s virtual registry cleanup policy settings.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-5309 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-5309.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1"
          ]
        }
      ],
      "title": "CVE-2026-5309"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-11379 (GCVE-0-2026-11379)

CERTFR-2026-AVI-0799

Solutions

GHSA-9MC7-W3H9-CMMF

NCSC-2026-0211

Tags

Sightings

Nomenclature