Skip to main content

Gitlab

Vendor security scorecard – 30 CVEs in the selected period

Period: 30d 90d 6m 1y All
Risk 44
30
CVEs
2
Critical
4
High
0
KEV
1
PoC
2
Unpatched C/H
90.0%
Patch Rate
0.2%
Avg EPSS

Severity Breakdown

CRITICAL
2
HIGH
4
MEDIUM
20
LOW
4

Monthly CVE Trend

Top Risky CVEs

CVE Summary Severity CVSS EPSS Priority Signals
CVE-2026-48801 Denial of service in linkify-it (npm) through v5.0.0 lets remote unauthenticated attackers wedge a rendering worker by submitting tens of KB of repeated email/link-like text. The core public API LinkifyIt.prototype.match runs an O(N²) scan loop that re-slices the input and re-runs unanchored fuzzy regex searches once per match, so 64 KB of "a@b.com" burns ~2.5 s of single-threaded CPU and 128 KB ~10 s. The flaw is inherited by markdown-it (~21.6M weekly npm downloads) whenever linkify:true is set, exposing forums, chat, wikis and AI chat UIs; publicly available exploit code (a PoC in the GHSA advisory) exists, but there is no evidence of active exploitation. HIGH 8.7 0.4% 64
PoC
CVE-2026-58370 Approval-gate bypass in Woodpecker CI before 3.15.0 lets an attacker who can open a merge request from a fork against a GitLab-backed repository run unapproved, attacker-controlled pipelines. Because the GitLab forge driver populates pipeline.Author from the spoofable git commit author name (commit.author.name) rather than the GitLab-validated user identity, an attacker simply sets the commit author to a name listed in ApprovalAllowedUsers, making needsApproval return false. This grants arbitrary CI step execution on a Woodpecker agent and exposure of CI secrets; there is no public exploit identified at time of analysis, but the issue was reported by VulnCheck and is trivially reproducible. CRITICAL 9.2 0.5% 47
CVE-2026-61462 GitLab API request redirection in zereight's mcp-gitlab (gitlab-mcp) MCP server lets attackers who control the job_id parameter escape the intended /jobs/ path prefix and reach arbitrary GitLab REST API endpoints under the operator's personal access token. Because the token is a bearer of the operator's full GitLab privileges, a crafted value such as '../../../user' resolves to /api/v4/user (or any other resource), turning a scoped job lookup into broad unauthorized data access. No public exploit was identified at time of analysis, and it is not listed in CISA KEV, but the flaw is trivially triggerable and was reported by VulnCheck with a vendor fix committed. CRITICAL 9.2 0.4% 46
CVE-2026-54673 Credential leakage in electron-updater (the auto-update component of electron-builder / builder-util-runtime) before 9.7.0 allows an attacker controlling a redirect target to harvest update-feed credentials. The HTTP redirect handler only stripped a header keyed exactly as lowercase "authorization", so PRIVATE-TOKEN (GitLab personal access tokens) and mixed-case Authorization (GitLab Bearer/OAuth) headers were forwarded to attacker-controlled cross-origin redirect destinations. There is no public exploit identified at time of analysis, but the upstream fix is published in version 9.7.0. HIGH 8.2 0.2% 41
No patch
CVE-2026-12053 Information disclosure in GitLab Enterprise Edition 19.1 (before 19.1.1) lets a user retrieve sensitive data previously committed to a project because Duo Workflows fails to adequately filter its output under certain conditions. The flaw exposes confidential repository content through GitLab's AI workflow feature without altering or destroying data. No public exploit is identified at time of analysis and CISA SSVC rates exploitation as 'none', though EPSS sits at a modest 0.33% (25th percentile). HIGH 7.5 0.3% 38
CVE-2026-10712 Cross-site scripting in GitLab CE/EE (18.10 through 18.11.5, 19.0 through 19.0.2, and 19.1.0) lets an unauthenticated attacker run arbitrary JavaScript in a victim's authenticated browser session by abusing improper path validation, but only under specific conditions and after a logged-in user interacts with attacker-controlled content. The CVSS 8.0 rating (scope-changed, high confidentiality and integrity impact) reflects that successful exploitation effectively hijacks the victim's GitLab session. No public exploit has been identified at time of analysis and the issue is not in CISA KEV, though a HackerOne report exists and GitLab shipped fixes in 18.11.6, 19.0.3, and 19.1.1. MEDIUM 6.1 0.3% 31
CVE-2026-55847 Stored XSS in allure-generator (versions <= 2.38.1) allows arbitrary JavaScript execution in the browser of anyone who views a generated Allure report containing crafted test result data. The vulnerable `ansi.js` Handlebars helper passes unsanitized `statusMessage` and `statusTrace` values - sourced from JUnit XML failure messages and equivalent fields in TRX, xUnit XML, xctest, and Allure 1/2 plugins - through `ansi-to-html` without HTML escaping, then wraps the output in `SafeString` to bypass Handlebars' auto-escape protection. A publicly available proof-of-concept demonstrates exploitation via a crafted JUnit XML file; the attack is particularly relevant to CI/CD environments (Jenkins, GitLab, GitHub Actions) where reports are served on shared infrastructure with active authenticated sessions. MEDIUM 6.1 &ndash; 30
CVE-2026-55187 Incomplete SSRF remediation in mailpit v1.29.2 through v1.30.1 leaves the Link Check API bypassable via IPv6 transition mechanism literals (6to4, NAT64, IPv4-compatible IPv6, ISATAP, Teredo) and unclassified IPv6 prefixes (fec0::/10, 2001:db8::/32) that Go's stdlib Is* classification helpers silently pass. An unauthenticated network attacker who can deliver email to mailpit's SMTP listener and invoke the Link Check API can coerce the application into dialing internal IPv4 destinations - including cloud metadata endpoints at 169.254.169.254 - by encoding the target as an IPv6 literal that returns false for all seven predicates in IsInternalIP, bypassing the guard introduced for CVE-2026-27808. Publicly available exploit code exists in the form of a reproducible unit test and end-to-end proof-of-concept published in the advisory; this is the same deny-list bypass class confirmed in CVE-2026-44430 (MCP Registry) and CVE-2026-45741 (Gotenberg). MEDIUM 5.8 0.3% 29
CVE-2026-6896 Stored/reflected cross-site scripting in GitLab Enterprise Edition lets an authenticated user holding Developer-role permissions inject arbitrary scripts that execute in a victim user's browser session, enabling session hijacking or actions performed as the victim. It affects a broad version range (13.11 through 18.11.6, 19.0.x before 19.0.4, and 19.1.x before 19.1.2) and stems from improper sanitization of user-supplied input. There is no public exploit identified at time of analysis, though the flaw was disclosed through a HackerOne bug-bounty report. MEDIUM 5.4 0.3% 27
CVE-2026-13320 Stored/reflected cross-site scripting in GitLab CE/EE (all versions from 15.7 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2) lets an authenticated user inject unsanitized input that executes arbitrary JavaScript in a victim's browser session, enabling session hijacking or actions on the victim's behalf. The scope-changed CVSS 7.3 reflects that the payload crosses a security boundary into another user's context. There is no public exploit identified at time of analysis, though the flaw originated from a HackerOne bug bounty submission and vendor patches are already available. MEDIUM 5.4 0.3% 27
CVE-2026-10086 Stored cross-site scripting in GitLab Enterprise Edition (all versions from 16.4 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1) lets an authenticated user holding only developer-role permissions inject unsanitized input that executes as JavaScript in a victim's browser session. Because the script runs with scope change in the context of another (potentially higher-privileged) user, an attacker can hijack sessions, exfiltrate data, or act on the victim's behalf. The flaw was reported privately via HackerOne and patched by GitLab; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. MEDIUM 5.4 0.3% 27
CVE-2026-5309 Authorization bypass in GitLab Enterprise Edition's virtual registry cleanup policy feature allows authenticated users to read or modify cleanup policy settings belonging to groups they do not own. Affected versions span all GitLab EE releases from 18.6 through 18.11.5, 19.0 through 19.0.2, and 19.1.0. Exploitation requires a valid GitLab EE account but no elevated privileges; no public exploit code exists and this is not in CISA KEV at time of analysis. MEDIUM 5.4 0.2% 27
CVE-2026-5139 The /gitlab connect slash command in Mattermost fails to enforce administrator-level authorization on the setDefaultInstance call, enabling any authenticated user to overwrite the workspace-wide default GitLab instance configuration. Affected across four concurrent release trains (11.7.0, 11.6.x ≤ 11.6.2, 11.5.x ≤ 11.5.5, 10.11.x ≤ 10.11.17), this missing authorization flaw (CWE-862) is exploitable by any valid Mattermost account holder without elevated privileges. No public exploit code or active exploitation has been identified at time of analysis, but the low attack complexity and low privilege requirement make this accessible to any workspace member targeting GitLab integration infrastructure. MEDIUM 5.4 0.2% 27
No patch
CVE-2026-7492 Private project existence disclosure in GitLab CE/EE (versions 9.1 through 18.11.x, 19.0.x, and 19.1.x) enables low-privilege GitLab account holders to confirm whether a private project exists via improperly authorized cross-project reference pages. The flaw stems from missing authorization controls (CWE-862) on reference resolution endpoints, leaking project existence metadata to users who have no authorized access to the targeted private project. No public exploit exists and this vulnerability is not listed in CISA KEV; GitLab has released patches across all three affected version branches. MEDIUM 5.3 0.3% 27
CVE-2026-2238 Confidential issue references in GitLab CE/EE public projects are exposed to unauthenticated users due to missing authorization checks (CWE-862). Affecting all GitLab versions from 17.5 through 18.11.5, 19.0.0-19.0.2, and 19.1.0, this flaw enables any unauthenticated remote attacker to retrieve references to confidential issues on public projects - potentially revealing issue IDs, titles, or internal metadata that project owners explicitly restricted. No public exploit code or CISA KEV listing exists at time of analysis; however, the unauthenticated, low-complexity network vector makes this trivially automatable for reconnaissance against large GitLab installations. MEDIUM 5.3 0.2% 27

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy