|
311
|
5.8 |
MEDIUM
Network
|
-
|
-
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to view Jir…
New
|
CWE-441
Confused Deputy
|
CVE-2026-3160
|
2026-05-15 01:20 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312
|
4.3 |
MEDIUM
Network
|
-
|
-
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.3 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with develo…
New
|
CWE-1280
|
CVE-2026-3607
|
2026-05-15 01:20 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313
|
6.5 |
MEDIUM
Network
|
-
|
-
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.9.1 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to access…
New
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2026-4524
|
2026-05-15 01:20 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314
|
6.5 |
MEDIUM
Network
|
-
|
-
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to creat…
New
|
CWE-352
Origin Validation Error
|
CVE-2026-4527
|
2026-05-15 01:20 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315
|
4.3 |
MEDIUM
Network
|
-
|
-
|
GitLab has remediated an issue in GitLab EE affecting all versions from 11.10 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that under certain conditions could have allowed an authent…
New
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-6063
|
2026-05-15 01:20 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316
|
8.7 |
HIGH
Network
|
-
|
-
|
GitLab has remediated an issue in GitLab EE affecting all versions from 18.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to execute arb…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-6073
|
2026-05-15 01:20 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317
|
5.4 |
MEDIUM
Network
|
-
|
-
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.11 before 18.11.3 that under certain conditions could have allowed an authenticated user to execute arbitrary code in ano…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-6335
|
2026-05-15 01:20 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
318
|
2.6 |
LOW
Network
|
-
|
-
|
GitLab has remediated an issue in GitLab EE affecting all versions from 15.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to bypass merg…
New
|
CWE-862
Missing Authorization
|
CVE-2026-6883
|
2026-05-15 01:20 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319
|
8.7 |
HIGH
Network
|
-
|
-
|
GitLab has remediated an issue in GitLab EE affecting all versions from 18.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that, in customizable analytics dashboards, could have allow…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-7377
|
2026-05-15 01:20 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
320
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website allows Blind SQL Injection.
Th…
New
|
CWE-89
SQL Injection
|
CVE-2025-11024
|
2026-05-15 01:20 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
