gitlab

1,423 tracked vulnerabilities.

CVE-2026-8472 MEDIUM
Missing Authorization in GitLab
Jul 08, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-7492 MEDIUM
Missing Authorization in GitLab
Jul 08, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-6896 HIGH
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
Jul 08, 2026
CVSS 8.7
EPSS 0.00
CVE-2026-6352 LOW
Incorrect Authorization in GitLab
Jul 08, 2026
CVSS 2.7
EPSS 0.00
CVE-2026-13320 HIGH
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
Jul 08, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-13151 LOW
Incorrect Authorization in GitLab
Jul 08, 2026
CVSS 2.7
EPSS 0.00
CVE-2026-11827 MEDIUM
Insufficiently Protected Credentials in GitLab
Jul 08, 2026
CVSS 4.9
EPSS 0.00
CVE-2026-8330 MEDIUM
Insertion of Sensitive Information into Log File in GitLab
Jun 25, 2026
CVSS 4.4
EPSS 0.00
CVE-2026-5952 MEDIUM
Incorrect Authorization in GitLab
Jun 25, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-5796 MEDIUM
Incorrect Authorization in GitLab
Jun 25, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-5309 MEDIUM
Authorization Bypass Through User-Controlled Key in GitLab
Jun 25, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-3176 LOW
Missing Authorization in GitLab
Jun 25, 2026
CVSS 3.1
EPSS 0.00
CVE-2026-2238 MEDIUM
Missing Authorization in GitLab
Jun 25, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-1606 MEDIUM
Improper Control of Generation of Code ('Code Injection') in GitLab
Jun 25, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-12635 NONE
Reliance on Reverse DNS Resolution for a Security-Critical Action in GitLab
Jun 25, 2026
EPSS 0.00
CVE-2026-12053 HIGH
Insertion of Sensitive Information into Log File in GitLab
Jun 25, 2026
CVSS 8.6
EPSS 0.00
CVE-2026-11379 MEDIUM
Incorrect Authorization in GitLab
Jun 25, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-10712 HIGH
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
Jun 25, 2026
CVSS 8.0
EPSS 0.00
CVE-2026-10086 HIGH
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
Jun 25, 2026
CVSS 8.7
EPSS 0.00
CVE-2026-0934 LOW
Incorrect Authorization in GitLab
Jun 25, 2026
CVSS 3.8
EPSS 0.00
CVE-2026-9694 LOW
Improper Neutralization of Substitution Characters in GitLab
Jun 11, 2026
CVSS 2.6
EPSS 0.00
CVE-2026-9204 MEDIUM
Server-Side Request Forgery (SSRF) in GitLab
Jun 11, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-8589 HIGH
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
Jun 11, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-7250 HIGH
Allocation of Resources Without Limits or Throttling in GitLab
Jun 11, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-6976 LOW
Authorization Bypass Through User-Controlled Key in GitLab
Jun 11, 2026
CVSS 3.7
EPSS 0.00