gitlab
1,423 tracked vulnerabilities.
CVE-2026-3607
MEDIUM
Access Control Check Implemented After Asset is Accessed in GitLab
May 14, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-3160
MEDIUM
Unintended Proxy or Intermediary ('Confused Deputy') in GitLab
May 14, 2026
CVSS 5.8
EPSS 0.00
CVE-2026-3074
MEDIUM
Authorization Bypass Through User-Controlled Key in GitLab
May 14, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-3073
MEDIUM
Authorization Bypass Through User-Controlled Key in GitLab
May 14, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-2900
LOW
Missing Authorization in GitLab
May 14, 2026
CVSS 2.7
EPSS 0.00
CVE-2026-1659
HIGH
Allocation of Resources Without Limits or Throttling in GitLab
May 14, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-1338
MEDIUM
Authorization Bypass Through User-Controlled Key in GitLab
May 14, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-1322
MEDIUM
Business Logic Errors in GitLab
May 14, 2026
CVSS 6.8
EPSS 0.00
CVE-2026-1184
MEDIUM
Deserialization of Untrusted Data in GitLab
May 14, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-6515
MEDIUM
Insufficient Session Expiration in GitLab
Apr 22, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-5816
HIGH
Improper Resolution of Path Equivalence in GitLab
Apr 22, 2026
CVSS 8.0
EPSS 0.00
CVE-2026-5377
MEDIUM
Incorrect Authorization in GitLab
Apr 22, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-5262
HIGH
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
Apr 22, 2026
CVSS 8.0
EPSS 0.00
CVE-2026-4922
HIGH
Cross-Site Request Forgery (CSRF) in GitLab
Apr 22, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-3254
LOW
Improper Restriction of Rendered UI Layers or Frames in GitLab
Apr 22, 2026
CVSS 3.5
EPSS 0.00
CVE-2026-1660
MEDIUM
Allocation of Resources Without Limits or Throttling in GitLab
Apr 22, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-5173
HIGH
Exposed Dangerous Method or Function in GitLab
Apr 08, 2026
CVSS 8.5
EPSS 0.00
CVE-2026-4916
LOW
Missing Authorization in GitLab
Apr 08, 2026
CVSS 2.7
EPSS 0.00
CVE-2026-4332
MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
Apr 08, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-2619
MEDIUM
Incorrect Authorization in GitLab
Apr 08, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-2104
MEDIUM
Authorization Bypass Through User-Controlled Key in GitLab
Apr 08, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-1752
MEDIUM
Incorrect Authorization in GitLab
Apr 08, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-1516
MEDIUM
Improper Control of Generation of Code ('Code Injection') in GitLab
Apr 08, 2026
CVSS 5.7
EPSS 0.00
CVE-2026-1101
MEDIUM
Improper Validation of Specified Quantity in Input in GitLab
Apr 08, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-1092
HIGH
Improper Validation of Specified Quantity in Input in GitLab
Apr 08, 2026
CVSS 7.5
EPSS 0.01