CVE-2026-1724
- EPSS 0.03%
- Published 25.03.2026 16:34:28
- Last modified 26.03.2026 18:23:30
GitLab has remediated an issue in GitLab EE affecting all versions from 18.5 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to access API tokens of self-hosted AI models due to improper acc...
CVE-2026-2745
- EPSS 0.08%
- Published 25.03.2026 16:34:18
- Last modified 26.03.2026 20:54:09
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 7.11 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to bypass WebAuthn two-factor authentication and gain unauthor...
CVE-2026-2726
- EPSS 0.02%
- Published 25.03.2026 16:34:13
- Last modified 26.03.2026 18:30:16
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an authenticated user to perform unauthorized actions on merge requests in other proj...
CVE-2026-2973
- EPSS 0.04%
- Published 25.03.2026 16:34:03
- Last modified 26.03.2026 17:43:28
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an authenticated user to execute arbitrary JavaScript in a user's browser due to impro...
CVE-2026-2995
- EPSS 0.07%
- Published 25.03.2026 16:33:58
- Last modified 26.03.2026 17:42:57
GitLab has remediated an issue in GitLab EE affecting all versions from 15.4 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an authenticated user to add email addresses to targeted user accounts due to improper sa...
CVE-2026-3857
- EPSS 0.01%
- Published 25.03.2026 16:33:53
- Last modified 30.03.2026 15:19:33
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to execute arbitrary GraphQL mutations on behalf of authentic...
CVE-2026-3988
- EPSS 0.22%
- Published 25.03.2026 16:33:43
- Last modified 26.03.2026 17:42:09
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to cause a denial of service by making the GitLab instance unr...
CVE-2026-4363
- EPSS 0.02%
- Published 25.03.2026 15:16:50
- Last modified 26.03.2026 11:56:57
GitLab has remediated an issue in GitLab EE affecting all versions from 18.1 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that under certain conditions could have allowed an authenticated user to gain unauthorized access to resources d...
CVE-2026-1182
- EPSS 0.03%
- Published 12.03.2026 01:33:23
- Last modified 13.03.2026 13:20:51
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.14 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to gain unauthorized access to confidential issue title created in...
CVE-2026-0602
- EPSS 0.02%
- Published 11.03.2026 16:16:22
- Last modified 17.03.2026 20:59:01
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.6 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to disclose metadata from private issues, merge requests, epics, m...