
GitLab EE: EUVD-2026-36230 / CVE-2026-6277 (MEDIUM, CVSS 3.1 base score 4.3)

Incorrect Authorization (CWE-863)
Published 2026-06-11 · Vendor: GitLab · GHSA-hm74-p2xf-rqgc

Severity by source

Vendor (GitLab), primary rating: 4.3 MEDIUM
  CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

vuln.today AI: 4.3 MEDIUM
  Rationale: network-accessible instance, low-privilege authenticated role required (PR:L), integrity-only impact limited to security configuration, no confidentiality or availability effect.
  CVSS 3.1: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
  CVSS 4.0: AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

The primary rating is the vendor's (GitLab).

CVSS Vector (Vendor: GitLab)

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

  Attack Vector:        Network
  Attack Complexity:    Low
  Privileges Required:  Low
  User Interaction:     None
  Scope:                Unchanged
  Confidentiality:      None
  Integrity:            Low
  Availability:         None

Lifecycle Timeline

  Jun 11, 2026 10:20  CVE published (cve.org)
  Jun 11, 2026 11:56  Analysis generated (vuln.today)
  Jun 11, 2026 13:01  Patch available (EUVD)

Description (CVE.org)

GitLab has remediated an issue in GitLab EE affecting all versions from 13.9 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with Security Manager-role permissions to manage project security configuration even when the relevant feature was in a disabled state, due to incorrect authorization enforcement.

Analysis (AI)

Incorrect authorization enforcement in GitLab Enterprise Edition allows an authenticated user holding the Security Manager role to manage project security configurations even when the relevant security feature has been administratively disabled. Affected are all EE versions from 13.9 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2. The flaw bypasses the feature-disabled gate because the authorization check validates role-based permissions without also validating the feature's state. …


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata:

  Access:     Obtain a GitLab EE account holding the Security Manager role
  Delivery:   Identify a project where the target security feature is disabled
  Exploit:    Send an API or UI request to manage the disabled feature's configuration
  Execution:  The authorization check validates the role but omits feature-state verification
  Persist:    Security configuration is altered on the disabled feature
  Impact:     Downstream security controls weakened
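To make the failure mode in the chain above concrete, here is an added illustration in Ruby (GitLab's implementation language). It is not GitLab's code and is not taken from the advisory: a policy object that grants the "manage security configuration" action on role alone, beside one that also gates on whether the governed feature is enabled. The Project model, the :security_manager role symbol, the feature names and the user accounts are all constructed for the example.

```ruby
require "set"

# Hypothetical project record (constructed for this example, not a GitLab
# model): which roles each user holds and which security features an
# administrator has left enabled.
class Project
  attr_reader :roles, :enabled_features

  def initialize(roles:, enabled_features:)
    @roles = roles                        # { user_id => [:security_manager, ...] }
    @enabled_features = enabled_features  # Set of feature symbols
  end

  def role?(user_id, role)
    Array(roles[user_id]).include?(role)
  end

  def feature_enabled?(feature)
    enabled_features.include?(feature)
  end
end

# Vulnerable shape: the decision consults the caller's role and nothing else,
# so a disabled feature can still be reconfigured by anyone with the role.
class RoleOnlyPolicy
  def initialize(project)
    @project = project
  end

  def can_manage_security_config?(user_id, feature)
    @project.role?(user_id, :security_manager)
  end
end

# Hardened shape: the feature gate is part of the same decision. A disabled
# feature denies the action regardless of role; the role check only runs for
# features that are actually on.
class FeatureAwarePolicy
  def initialize(project)
    @project = project
  end

  def can_manage_security_config?(user_id, feature)
    return false unless @project.feature_enabled?(feature)

    @project.role?(user_id, :security_manager)
  end
end

# Constructed scenario: alice holds Security Manager on a project where
# :vulnerability_scanning is disabled and :dependency_scanning is enabled.
def demo
  project = Project.new(
    roles: { "alice" => [:security_manager], "bob" => [:developer] },
    enabled_features: Set[:dependency_scanning]
  )
  vulnerable = RoleOnlyPolicy.new(project)
  hardened   = FeatureAwarePolicy.new(project)

  {
    # role passes, feature is off: the bug lets this through
    vulnerable_disabled: vulnerable.can_manage_security_config?("alice", :vulnerability_scanning),
    # same request against the hardened policy is denied
    hardened_disabled:   hardened.can_manage_security_config?("alice", :vulnerability_scanning),
    # enabled feature plus correct role is still allowed
    hardened_enabled:    hardened.can_manage_security_config?("alice", :dependency_scanning),
    # enabled feature but wrong role is denied
    hardened_wrong_role: hardened.can_manage_security_config?("bob", :dependency_scanning),
  }
end

puts demo.inspect if $PROGRAM_NAME == __FILE__
```

The point of the hardened form is that "is this feature on?" and "does this user hold the role?" are evaluated in one authorization decision rather than in separate places that can drift apart; a reviewer checking a fix for this class of bug looks for exactly that combined check on every code path that mutates the configuration, API and UI alike.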

Vulnerability Assessment (AI)

Exploitation: Exploitation requires an authenticated GitLab EE account with the Security Manager role assigned on the target project; this role is explicitly elevated and restricted in enterprise deployments, not a default user permission. … Additional conditions and limiting factors are described in the full assessment.

Risk Assessment: The CVSS 3.1 score of 4.3 (Medium) with vector AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N accurately reflects a constrained but network-accessible attack requiring low-privilege authentication. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.

Exploit Scenario: An attacker with a GitLab EE account to which the Security Manager role has been assigned targets a project where a security feature (such as a vulnerability scanning or policy enforcement component) has been disabled by an administrator. The attacker submits API or web UI requests to manage that feature's security configuration, requests that should be rejected because of the feature's disabled state. …

Remediation: Upgrade GitLab EE to one of the patched releases: 18.10.8, 18.11.5, or 19.0.2, as documented in the vendor patch advisory at https://about.gitlab.com/releases/2026/06/10/patch-release-gitlab-19-0-2-released/. … Detailed patch versions, workarounds, and compensating controls in full report.
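A quick way to check whether an installed EE version falls inside the affected ranges quoted in the description, as an added helper that is not part of the advisory or of GitLab: it encodes the three branch ranges (13.9 before 18.10.8, 18.11 before 18.11.5, 19.0 before 19.0.2) and compares a dotted version string numerically. Version strings with an "-ee" suffix, as GitLab reports them, are accepted; the suffix is ignored for the comparison. The constant and function names are this example's own.

```ruby
# Affected ranges from the CVE description, as
# [first affected version, first fixed version on that branch).
AFFECTED_RANGES = [
  ["13.9.0",  "18.10.8"],
  ["18.11.0", "18.11.5"],
  ["19.0.0",  "19.0.2"],
].freeze

# "18.10.7-ee" -> [18, 10, 7]; anything after the first "-" is a suffix
# (edition or pre-release tag) and is not part of the numeric comparison.
def parse_version(str)
  str.split("-").first.split(".").map(&:to_i)
end

# Numeric, component-wise comparison; shorter versions are zero-padded so
# "18.10" compares as 18.10.0 rather than lexically.
def version_cmp(a, b)
  pa = parse_version(a)
  pb = parse_version(b)
  width = [pa.length, pb.length].max
  pa += [0] * (width - pa.length)
  pb += [0] * (width - pb.length)
  pa <=> pb
end

# Returns the first fixed release for the range the version falls in,
# or nil when the version is outside every affected range.
def first_fixed_for(version)
  range = AFFECTED_RANGES.find do |lo, hi|
    version_cmp(version, lo) >= 0 && version_cmp(version, hi) < 0
  end
  range && range[1]
end

def affected?(version)
  !first_fixed_for(version).nil?
end

if $PROGRAM_NAME == __FILE__
  # Constructed sample inputs, not output from a real instance.
  %w[18.10.7-ee 18.10.8-ee 18.11.4-ee 19.0.1-ee 19.0.2-ee 17.5.3-ee].each do |v|
    fix = first_fixed_for(v)
    puts "#{v}: #{fix ? "affected, upgrade to at least #{fix}" : 'not in an affected range'}"
  end
end
```

Note that for a version on an older branch (17.x, for instance) the helper reports 18.10.8 as the earliest fixed release that covers it; reaching it still has to follow GitLab's documented upgrade path, which this check does not model.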



