|
5121
|
7.5 |
HIGH
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to cause …
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2025-14870
|
2026-05-16 12:38 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5122
|
7.5 |
HIGH
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab EE affecting all versions from 11.9 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to cause den…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-1184
|
2026-05-16 12:37 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5123
|
8.1 |
HIGH
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.0 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with a read…
|
CWE-840
Business Logic Errors
|
CVE-2026-1322
|
2026-05-16 12:37 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5124
|
4.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with devel…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-1338
|
2026-05-16 12:36 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5125
|
2.7 |
LOW
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab EE affecting all versions from 16.10 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that when instance-level approval rule editing prevention w…
|
CWE-862
Missing Authorization
|
CVE-2026-2900
|
2026-05-16 12:36 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5126
|
4.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.6 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with develo…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-3073
|
2026-05-16 12:36 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5127
|
4.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to downlo…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-3074
|
2026-05-16 12:35 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5128
|
5.8 |
MEDIUM
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to view Jir…
|
CWE-441
Confused Deputy
|
CVE-2026-3160
|
2026-05-16 12:34 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5129
|
4.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab EE affecting all versions from 11.10 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that under certain conditions could have allowed an authent…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-6063
|
2026-05-16 12:34 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5130
|
5.4 |
MEDIUM
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab EE affecting all versions from 18.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to execute arb…
|
CWE-79
Cross-site Scripting
|
CVE-2026-6073
|
2026-05-16 12:33 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
