gitlab

1,423 tracked vulnerabilities.

CVE-2026-3607 MEDIUM
Access Control Check Implemented After Asset is Accessed in GitLab
May 14, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-3160 MEDIUM
Unintended Proxy or Intermediary ('Confused Deputy') in GitLab
May 14, 2026
CVSS 5.8
EPSS 0.00
CVE-2026-3074 MEDIUM
Authorization Bypass Through User-Controlled Key in GitLab
May 14, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-3073 MEDIUM
Authorization Bypass Through User-Controlled Key in GitLab
May 14, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-2900 LOW
Missing Authorization in GitLab
May 14, 2026
CVSS 2.7
EPSS 0.00
CVE-2026-1659 HIGH
Allocation of Resources Without Limits or Throttling in GitLab
May 14, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-1338 MEDIUM
Authorization Bypass Through User-Controlled Key in GitLab
May 14, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-1322 MEDIUM
Business Logic Errors in GitLab
May 14, 2026
CVSS 6.8
EPSS 0.00
CVE-2026-1184 MEDIUM
Deserialization of Untrusted Data in GitLab
May 14, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-6515 MEDIUM
Insufficient Session Expiration in GitLab
Apr 22, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-5816 HIGH
Improper Resolution of Path Equivalence in GitLab
Apr 22, 2026
CVSS 8.0
EPSS 0.00
CVE-2026-5377 MEDIUM
Incorrect Authorization in GitLab
Apr 22, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-5262 HIGH
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
Apr 22, 2026
CVSS 8.0
EPSS 0.00
CVE-2026-4922 HIGH
Cross-Site Request Forgery (CSRF) in GitLab
Apr 22, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-3254 LOW
Improper Restriction of Rendered UI Layers or Frames in GitLab
Apr 22, 2026
CVSS 3.5
EPSS 0.00
CVE-2026-1660 MEDIUM
Allocation of Resources Without Limits or Throttling in GitLab
Apr 22, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-5173 HIGH
Exposed Dangerous Method or Function in GitLab
Apr 08, 2026
CVSS 8.5
EPSS 0.00
CVE-2026-4916 LOW
Missing Authorization in GitLab
Apr 08, 2026
CVSS 2.7
EPSS 0.00
CVE-2026-4332 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
Apr 08, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-2619 MEDIUM
Incorrect Authorization in GitLab
Apr 08, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-2104 MEDIUM
Authorization Bypass Through User-Controlled Key in GitLab
Apr 08, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-1752 MEDIUM
Incorrect Authorization in GitLab
Apr 08, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-1516 MEDIUM
Improper Control of Generation of Code ('Code Injection') in GitLab
Apr 08, 2026
CVSS 5.7
EPSS 0.00
CVE-2026-1101 MEDIUM
Improper Validation of Specified Quantity in Input in GitLab
Apr 08, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-1092 HIGH
Improper Validation of Specified Quantity in Input in GitLab
Apr 08, 2026
CVSS 7.5
EPSS 0.01