gitlab
1,423 tracked vulnerabilities.
CVE-2026-6552
HIGH
Authorization Bypass Through User-Controlled Key in GitLab
Jun 11, 2026
CVSS 8.7
EPSS 0.00
CVE-2026-6277
MEDIUM
Incorrect Authorization in GitLab
Jun 11, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-6269
MEDIUM
Incorrect Authorization in GitLab
Jun 11, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-3553
LOW
Incorrect Authorization in GitLab
Jun 11, 2026
CVSS 3.1
EPSS 0.00
CVE-2026-1500
MEDIUM
Allocation of Resources Without Limits or Throttling in GitLab
Jun 11, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-10733
MEDIUM
Improper Restriction of Rendered UI Layers or Frames in GitLab
Jun 11, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-10087
HIGH
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
Jun 11, 2026
CVSS 8.7
EPSS 0.00
CVE-2026-9807
MEDIUM
Incorrect Authorization in GitLab
May 28, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-8716
MEDIUM
Use of Incorrectly-Resolved Name or Reference in GitLab
May 27, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-6713
MEDIUM
Incorrect Authorization in GitLab
May 27, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-5296
MEDIUM
Missing Authorization in GitLab
May 27, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-4868
HIGH
Authorization Bypass Through User-Controlled Key in GitLab
May 27, 2026
CVSS 8.2
EPSS 0.00
CVE-2026-2601
MEDIUM
Missing Authorization in GitLab
May 27, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-1402
MEDIUM
Allocation of Resources Without Limits or Throttling in GitLab
May 27, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-8280
MEDIUM
Allocation of Resources Without Limits or Throttling in GitLab
May 14, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-8144
MEDIUM
Missing Authorization in GitLab
May 14, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-7481
HIGH
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
May 14, 2026
CVSS 8.7
EPSS 0.00
CVE-2026-7471
LOW
Server-Side Request Forgery (SSRF) in GitLab
May 14, 2026
CVSS 3.5
EPSS 0.00
CVE-2026-7377
HIGH
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
May 14, 2026
CVSS 8.7
EPSS 0.00
CVE-2026-6883
LOW
Missing Authorization in GitLab
May 14, 2026
CVSS 2.6
EPSS 0.00
CVE-2026-6335
MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
May 14, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-6073
HIGH
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
May 14, 2026
CVSS 8.7
EPSS 0.00
CVE-2026-6063
MEDIUM
Authorization Bypass Through User-Controlled Key in GitLab
May 14, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-4527
MEDIUM
Cross-Site Request Forgery (CSRF) in GitLab
May 14, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-4524
MEDIUM
Authentication Bypass Using an Alternate Path or Channel in GitLab
May 14, 2026
CVSS 6.5
EPSS 0.00