gitlab

1,423 tracked vulnerabilities.

CVE-2026-6552 HIGH
Authorization Bypass Through User-Controlled Key in GitLab
Jun 11, 2026
CVSS 8.7
EPSS 0.00
CVE-2026-6277 MEDIUM
Incorrect Authorization in GitLab
Jun 11, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-6269 MEDIUM
Incorrect Authorization in GitLab
Jun 11, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-3553 LOW
Incorrect Authorization in GitLab
Jun 11, 2026
CVSS 3.1
EPSS 0.00
CVE-2026-1500 MEDIUM
Allocation of Resources Without Limits or Throttling in GitLab
Jun 11, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-10733 MEDIUM
Improper Restriction of Rendered UI Layers or Frames in GitLab
Jun 11, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-10087 HIGH
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
Jun 11, 2026
CVSS 8.7
EPSS 0.00
CVE-2026-9807 MEDIUM
Incorrect Authorization in GitLab
May 28, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-8716 MEDIUM
Use of Incorrectly-Resolved Name or Reference in GitLab
May 27, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-6713 MEDIUM
Incorrect Authorization in GitLab
May 27, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-5296 MEDIUM
Missing Authorization in GitLab
May 27, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-4868 HIGH
Authorization Bypass Through User-Controlled Key in GitLab
May 27, 2026
CVSS 8.2
EPSS 0.00
CVE-2026-2601 MEDIUM
Missing Authorization in GitLab
May 27, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-1402 MEDIUM
Allocation of Resources Without Limits or Throttling in GitLab
May 27, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-8280 MEDIUM
Allocation of Resources Without Limits or Throttling in GitLab
May 14, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-8144 MEDIUM
Missing Authorization in GitLab
May 14, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-7481 HIGH
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
May 14, 2026
CVSS 8.7
EPSS 0.00
CVE-2026-7471 LOW
Server-Side Request Forgery (SSRF) in GitLab
May 14, 2026
CVSS 3.5
EPSS 0.00
CVE-2026-7377 HIGH
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
May 14, 2026
CVSS 8.7
EPSS 0.00
CVE-2026-6883 LOW
Missing Authorization in GitLab
May 14, 2026
CVSS 2.6
EPSS 0.00
CVE-2026-6335 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
May 14, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-6073 HIGH
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
May 14, 2026
CVSS 8.7
EPSS 0.00
CVE-2026-6063 MEDIUM
Authorization Bypass Through User-Controlled Key in GitLab
May 14, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-4527 MEDIUM
Cross-Site Request Forgery (CSRF) in GitLab
May 14, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-4524 MEDIUM
Authentication Bypass Using an Alternate Path or Channel in GitLab
May 14, 2026
CVSS 6.5
EPSS 0.00