Vulnerability-Lookup

CVE-2026-8716 (GCVE-0-2026-8716)

Vulnerability from cvelistv5 – Published: 2026-05-27 17:54 – Updated: 2026-05-27 19:36

Title

Use of Incorrectly-Resolved Name or Reference in GitLab

Summary

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.7 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain conditions could have allowed an authenticated user to access CI data from a different ref type than intended.

Severity

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-706 - Use of Incorrectly-Resolved Name or Reference

Assigner

GitLab

References

2 references

URL	Tags
https://gitlab.com/gitlab-org/gitlab/-/work_items…
https://about.gitlab.com/releases/2026/05/27/patc…

Impacted products

1 product

Vendor	Product	Version
GitLab	GitLab	Affected: 12.7 , < 18.10.7 (semver) Affected: 18.11 , < 18.11.4 (semver) Affected: 19.0 , < 19.0.1 (semver) cpe:2.3:a:gitlab:gitlab::::::::

Credits

This vulnerability has been discovered internally by GitLab team member Hordur Freyr Yngvason

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-8716",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-27T19:34:31.889199Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-27T19:36:40.034Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "GitLab",
          "repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
          "vendor": "GitLab",
          "versions": [
            {
              "lessThan": "18.10.7",
              "status": "affected",
              "version": "12.7",
              "versionType": "semver"
            },
            {
              "lessThan": "18.11.4",
              "status": "affected",
              "version": "18.11",
              "versionType": "semver"
            },
            {
              "lessThan": "19.0.1",
              "status": "affected",
              "version": "19.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "This vulnerability has been discovered internally by GitLab team member Hordur Freyr Yngvason"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.7 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain conditions could have allowed an authenticated user to access CI data from a different ref type than intended."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-706",
              "description": "CWE-706: Use of Incorrectly-Resolved Name or Reference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-27T17:54:59.110Z",
        "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "shortName": "GitLab"
      },
      "references": [
        {
          "url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/570059"
        },
        {
          "url": "https://about.gitlab.com/releases/2026/05/27/patch-release-gitlab-19-0-1-released/"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Upgrade to versions 18.10.7, 18.11.4, 19.0.1 or above."
        }
      ],
      "title": "Use of Incorrectly-Resolved Name or Reference in GitLab"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
    "assignerShortName": "GitLab",
    "cveId": "CVE-2026-8716",
    "datePublished": "2026-05-27T17:54:59.110Z",
    "dateReserved": "2026-05-15T21:03:44.492Z",
    "dateUpdated": "2026-05-27T19:36:40.034Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-8716",
      "date": "2026-05-28",
      "epss": "0.00024",
      "percentile": "0.07142"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-8716\",\"sourceIdentifier\":\"cve@gitlab.com\",\"published\":\"2026-05-27T19:16:25.097\",\"lastModified\":\"2026-05-27T20:45:07.847\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.7 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain conditions could have allowed an authenticated user to access CI data from a different ref type than intended.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cve@gitlab.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"cve@gitlab.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-706\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*\",\"versionStartIncluding\":\"12.7.0\",\"versionEndExcluding\":\"18.10.7\",\"matchCriteriaId\":\"D1F6BC04-28A6-4655-AC66-077023277DDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*\",\"versionStartIncluding\":\"12.7.0\",\"versionEndExcluding\":\"18.10.7\",\"matchCriteriaId\":\"39DEE09D-A962-4A5A-A9F1-6A13516A0981\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*\",\"versionStartIncluding\":\"18.11.0\",\"versionEndExcluding\":\"18.11.4\",\"matchCriteriaId\":\"E97506AF-85D4-4CDE-B129-611438E348E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*\",\"versionStartIncluding\":\"18.11.0\",\"versionEndExcluding\":\"18.11.4\",\"matchCriteriaId\":\"F4085D50-86E4-4FC7-BB90-5181E6E65DEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gitlab:gitlab:19.0.0:*:*:*:community:*:*:*\",\"matchCriteriaId\":\"FE7D542C-BB21-4CF0-A3E5-FAD6E9FB2851\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gitlab:gitlab:19.0.0:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"57A0D68B-909C-416E-8EAE-A14886F4ABA9\"}]}]}],\"references\":[{\"url\":\"https://about.gitlab.com/releases/2026/05/27/patch-release-gitlab-19-0-1-released/\",\"source\":\"cve@gitlab.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://gitlab.com/gitlab-org/gitlab/-/work_items/570059\",\"source\":\"cve@gitlab.com\",\"tags\":[\"Broken Link\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-8716\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-27T19:34:31.889199Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-27T19:36:35.478Z\"}}], \"cna\": {\"title\": \"Use of Incorrectly-Resolved Name or Reference in GitLab\", \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"This vulnerability has been discovered internally by GitLab team member Hordur Freyr Yngvason\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*\"], \"repo\": \"git://git@gitlab.com:gitlab-org/gitlab.git\", \"vendor\": \"GitLab\", \"product\": \"GitLab\", \"versions\": [{\"status\": \"affected\", \"version\": \"12.7\", \"lessThan\": \"18.10.7\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"18.11\", \"lessThan\": \"18.11.4\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"19.0\", \"lessThan\": \"19.0.1\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Upgrade to versions 18.10.7, 18.11.4, 19.0.1 or above.\"}], \"references\": [{\"url\": \"https://gitlab.com/gitlab-org/gitlab/-/work_items/570059\"}, {\"url\": \"https://about.gitlab.com/releases/2026/05/27/patch-release-gitlab-19-0-1-released/\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.7 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain conditions could have allowed an authenticated user to access CI data from a different ref type than intended.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-706\", \"description\": \"CWE-706: Use of Incorrectly-Resolved Name or Reference\"}]}], \"providerMetadata\": {\"orgId\": \"ceab7361-8a18-47b1-92ba-4d7d25f6715a\", \"shortName\": \"GitLab\", \"dateUpdated\": \"2026-05-27T17:54:59.110Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-8716\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-27T19:36:40.034Z\", \"dateReserved\": \"2026-05-15T21:03:44.492Z\", \"assignerOrgId\": \"ceab7361-8a18-47b1-92ba-4d7d25f6715a\", \"datePublished\": \"2026-05-27T17:54:59.110Z\", \"assignerShortName\": \"GitLab\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

bit-gitlab-2026-8716

Vulnerability from bitnami_vulndb

Published

2026-05-28 09:12

Modified

2026-05-28 09:14

Summary

Use of Incorrectly-Resolved Name or Reference in GitLab

Details

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Bitnami",
        "name": "gitlab",
        "purl": "pkg:bitnami/gitlab"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "12.7.0"
            },
            {
              "fixed": "18.10.7"
            },
            {
              "introduced": "18.11.0"
            },
            {
              "fixed": "18.11.4"
            }
          ],
          "type": "SEMVER"
        },
        {
          "events": [
            {
              "introduced": "19.0.0"
            },
            {
              "last_affected": "19.0.0"
            }
          ],
          "type": "SEMVER"
        }
      ],
      "severity": [
        {
          "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
          "type": "CVSS_V3"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-8716"
  ],
  "database_specific": {
    "cpes": [
      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*"
    ],
    "severity": "Medium"
  },
  "details": "GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.7 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain conditions could have allowed an authenticated user to access CI data from a different ref type than intended.",
  "id": "BIT-gitlab-2026-8716",
  "modified": "2026-05-28T09:14:08.616Z",
  "published": "2026-05-28T09:12:33.250Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://about.gitlab.com/releases/2026/05/27/patch-release-gitlab-19-0-1-released/"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/570059"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8716"
    }
  ],
  "schema_version": "1.6.2",
  "summary": "Use of Incorrectly-Resolved Name or Reference in GitLab"
}

CERTFR-2026-AVI-0658

Vulnerability from certfr_avis - Published: 2026-05-28 - Updated: 2026-05-28

De multiples vulnérabilités ont été découvertes dans GitLab. Elles permettent à un attaquant de provoquer un déni de service à distance et un contournement de la politique de sécurité.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
GitLab	GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE)	GitLab Community Edition (CE) et Enterprise Edition (EE) versions 19.x antérieures à 19.0.1
GitLab	GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE)	GitLab Community Edition (CE) et Enterprise Edition (EE) versions 18.11.x antérieures à 18.11.4
GitLab	GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE)	GitLab Community Edition (CE) et Enterprise Edition (EE) versions antérieures à 18.10.7

References

Title

Publication Time

FKIE_CVE-2026-8716

Vulnerability from fkie_nvd - Published: 2026-05-27 19:16 - Updated: 2026-05-27 20:45

Severity

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Summary

References

	URL	Tags
	cve@gitlab.com	https://about.gitlab.com/releases/2026/05/27/patch-release-gitlab-19-0-1-released/	Release Notes, Vendor Advisory
	cve@gitlab.com	https://gitlab.com/gitlab-org/gitlab/-/work_items/570059	Broken Link

Impacted products

Vendor	Product	Version
gitlab	gitlab	*
gitlab	gitlab	*
gitlab	gitlab	*
gitlab	gitlab	*
gitlab	gitlab	19.0.0
gitlab	gitlab	19.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
              "matchCriteriaId": "D1F6BC04-28A6-4655-AC66-077023277DDD",
              "versionEndExcluding": "18.10.7",
              "versionStartIncluding": "12.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "39DEE09D-A962-4A5A-A9F1-6A13516A0981",
              "versionEndExcluding": "18.10.7",
              "versionStartIncluding": "12.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
              "matchCriteriaId": "E97506AF-85D4-4CDE-B129-611438E348E6",
              "versionEndExcluding": "18.11.4",
              "versionStartIncluding": "18.11.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "F4085D50-86E4-4FC7-BB90-5181E6E65DEC",
              "versionEndExcluding": "18.11.4",
              "versionStartIncluding": "18.11.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gitlab:gitlab:19.0.0:*:*:*:community:*:*:*",
              "matchCriteriaId": "FE7D542C-BB21-4CF0-A3E5-FAD6E9FB2851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gitlab:gitlab:19.0.0:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "57A0D68B-909C-416E-8EAE-A14886F4ABA9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.7 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain conditions could have allowed an authenticated user to access CI data from a different ref type than intended."
    }
  ],
  "id": "CVE-2026-8716",
  "lastModified": "2026-05-27T20:45:07.847",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "cve@gitlab.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-05-27T19:16:25.097",
  "references": [
    {
      "source": "cve@gitlab.com",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://about.gitlab.com/releases/2026/05/27/patch-release-gitlab-19-0-1-released/"
    },
    {
      "source": "cve@gitlab.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/570059"
    }
  ],
  "sourceIdentifier": "cve@gitlab.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-706"
        }
      ],
      "source": "cve@gitlab.com",
      "type": "Primary"
    }
  ]
}

GHSA-5P55-QCQV-882W

Vulnerability from github – Published: 2026-05-27 21:31 – Updated: 2026-05-27 21:31

Details

Severity

4.3 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2026-8716"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-706"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-27T19:16:25Z",
    "severity": "MODERATE"
  },
  "details": "GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.7 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain conditions could have allowed an authenticated user to access CI data from a different ref type than intended.",
  "id": "GHSA-5p55-qcqv-882w",
  "modified": "2026-05-27T21:31:25Z",
  "published": "2026-05-27T21:31:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8716"
    },
    {
      "type": "WEB",
      "url": "https://about.gitlab.com/releases/2026/05/27/patch-release-gitlab-19-0-1-released"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/570059"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

NCSC-2026-0168

Vulnerability from csaf_ncscnl - Published: 2026-05-28 06:49 - Updated: 2026-05-28 06:49

Summary

Kwetsbaarheden verholpen in GitLab Community Edition en Enterprise Edition

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten: GitLab heeft meerdere kwetsbaarheden verholpen in GitLab Community Edition en Enterprise Edition, specifiek in versies 12.7 tot voor 18.10.7, 18.11 tot voor 18.11.4, en 19.0 tot voor 19.0.1.

Interpretaties: De kwetsbaarheden betreffen verschillende aspecten van authenticatie, autorisatie en validatie binnen GitLab. Een denial of service kan worden veroorzaakt door onvoldoende validatie, waarbij een geauthenticeerde gebruiker de beschikbaarheid van de dienst kan verstoren. Daarnaast kunnen gebruikers met developer-permissies ongeautoriseerd toegang krijgen tot gevoelige deploymentdata door onjuiste autorisatiecontroles. Verder is er een probleem met onjuiste gebruikersidentiteitsresolutie, waardoor een geauthenticeerde gebruiker Duo AI-workflows kan activeren alsof hij een andere gebruiker is, wat leidt tot identiteitsvervalsing binnen deze workflows. Ook kunnen developer-rollen flowbeperkingen omzeilen die op groepsniveau zijn ingesteld, wat de toegangscontrole en workflow governance beïnvloedt. Een andere kwetsbaarheid maakt het mogelijk voor onbevoegde gebruikers om private projecten te enumereren, wat kan leiden tot blootstelling van gevoelige projectinformatie. Ten slotte kunnen geauthenticeerde gebruikers toegang krijgen tot continuous integration (CI) data die niet voor hen bedoeld is, door een fout in de toegangscontrole voor CI-data. De kwetsbaarheid met kenmerk CVE-2026-2710 wordt wel genoemd in de releasenotes van GitLab, maar is ingetrokken en heeft geen verdere impact.

Oplossingen: GitLab heeft updates uitgebracht in de genoemde versies om de diverse kwetsbaarheden te verhelpen door validatie- en autorisatielogica te corrigeren en de gebruikersidentiteitsresolutie te verbeteren. Zie bijgevoegde referenties voor meer informatie.

Kans: medium

Schade: high

CWE-639: Authorization Bypass Through User-Controlled Key

CWE-706: Use of Incorrectly-Resolved Name or Reference

CWE-770: Allocation of Resources Without Limits or Throttling

CWE-862: Missing Authorization

CWE-863: Incorrect Authorization

CVE-2026-1402

GitLab addressed a denial of service vulnerability affecting GitLab CE/EE versions 17.1 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1, exploitable by authenticated users due to insufficient validation.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
vers:unknown/* GitLab / GitLab		vers:unknown/*

CVE-2026-2601

GitLab addressed a security vulnerability in specific GitLab EE versions where authenticated users with developer permissions could improperly access sensitive deployment data due to flawed authorization checks.

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE-862 - Missing Authorization

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
vers:unknown/* GitLab / GitLab		vers:unknown/*

CVE-2026-4868

GitLab EE versions prior to 18.10.7, 18.11.4, and 19.0.1 contained a vulnerability allowing authenticated users to impersonate others and trigger Duo AI workflows due to improper user identity resolution.

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N

CWE-639 - Authorization Bypass Through User-Controlled Key

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
vers:unknown/* GitLab / GitLab		vers:unknown/*

CVE-2026-5296

GitLab addressed a security vulnerability in GitLab EE versions 18.7 to before 18.10.7, 18.11 to before 18.11.4, and 19.0 to before 19.0.1 that allowed developer-role users to bypass flow restrictions when foundational flows were enabled at the group level.

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

CWE-862 - Missing Authorization

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
vers:unknown/* GitLab / GitLab		vers:unknown/*

CVE-2026-6713

GitLab addressed a security vulnerability in versions 18.2 to before 18.10.7, 18.11 to before 18.11.4, and 19.0 to before 19.0.1 that allowed unauthorized users to enumerate private projects due to improper authorization checks.

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE-863 - Incorrect Authorization

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
vers:unknown/* GitLab / GitLab		vers:unknown/*

CVE-2026-8716

GitLab addressed a vulnerability in versions 12.7 to before 18.10.7, 18.11 to before 18.11.4, and 19.0 to before 19.0.1 that allowed authenticated users to access continuous integration data from unintended reference types.

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE-706 - Use of Incorrectly-Resolved Name or Reference

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
vers:unknown/* GitLab / GitLab		vers:unknown/*

References

7 references

URL	Category
https://about.gitlab.com/releases/2026/05/27/patc…	external
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "GitLab heeft meerdere kwetsbaarheden verholpen in GitLab Community Edition en Enterprise Edition, specifiek in versies 12.7 tot voor 18.10.7, 18.11 tot voor 18.11.4, en 19.0 tot voor 19.0.1.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "De kwetsbaarheden betreffen verschillende aspecten van authenticatie, autorisatie en validatie binnen GitLab. Een denial of service kan worden veroorzaakt door onvoldoende validatie, waarbij een geauthenticeerde gebruiker de beschikbaarheid van de dienst kan verstoren. Daarnaast kunnen gebruikers met developer-permissies ongeautoriseerd toegang krijgen tot gevoelige deploymentdata door onjuiste autorisatiecontroles. Verder is er een probleem met onjuiste gebruikersidentiteitsresolutie, waardoor een geauthenticeerde gebruiker Duo AI-workflows kan activeren alsof hij een andere gebruiker is, wat leidt tot identiteitsvervalsing binnen deze workflows. Ook kunnen developer-rollen flowbeperkingen omzeilen die op groepsniveau zijn ingesteld, wat de toegangscontrole en workflow governance be\u00efnvloedt. Een andere kwetsbaarheid maakt het mogelijk voor onbevoegde gebruikers om private projecten te enumereren, wat kan leiden tot blootstelling van gevoelige projectinformatie. Ten slotte kunnen geauthenticeerde gebruikers toegang krijgen tot continuous integration (CI) data die niet voor hen bedoeld is, door een fout in de toegangscontrole voor CI-data.\n\nDe kwetsbaarheid met kenmerk CVE-2026-2710 wordt wel genoemd in de releasenotes van GitLab, maar is ingetrokken en heeft geen verdere impact.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "GitLab heeft updates uitgebracht in de genoemde versies om de diverse kwetsbaarheden te verhelpen door validatie- en autorisatielogica te corrigeren en de gebruikersidentiteitsresolutie te verbeteren. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Authorization Bypass Through User-Controlled Key",
        "title": "CWE-639"
      },
      {
        "category": "general",
        "text": "Use of Incorrectly-Resolved Name or Reference",
        "title": "CWE-706"
      },
      {
        "category": "general",
        "text": "Allocation of Resources Without Limits or Throttling",
        "title": "CWE-770"
      },
      {
        "category": "general",
        "text": "Missing Authorization",
        "title": "CWE-862"
      },
      {
        "category": "general",
        "text": "Incorrect Authorization",
        "title": "CWE-863"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://about.gitlab.com/releases/2026/05/27/patch-release-gitlab-19-0-1-released/"
      }
    ],
    "title": "Kwetsbaarheden verholpen in GitLab Community Edition en Enterprise Edition",
    "tracking": {
      "current_release_date": "2026-05-28T06:49:55.052377Z",
      "generator": {
        "date": "2025-08-04T16:30:00Z",
        "engine": {
          "name": "V.A.",
          "version": "1.3"
        }
      },
      "id": "NCSC-2026-0168",
      "initial_release_date": "2026-05-28T06:49:55.052377Z",
      "revision_history": [
        {
          "date": "2026-05-28T06:49:55.052377Z",
          "number": "1.0.0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-1"
                }
              }
            ],
            "category": "product_name",
            "name": "GitLab"
          }
        ],
        "category": "vendor",
        "name": "GitLab"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-1402",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        },
        {
          "category": "description",
          "text": "GitLab addressed a denial of service vulnerability affecting GitLab CE/EE versions 17.1 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1, exploitable by authenticated users due to insufficient validation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-1402 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-1402.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1"
          ]
        }
      ],
      "title": "CVE-2026-1402"
    },
    {
      "cve": "CVE-2026-2601",
      "cwe": {
        "id": "CWE-862",
        "name": "Missing Authorization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Authorization",
          "title": "CWE-862"
        },
        {
          "category": "description",
          "text": "GitLab addressed a security vulnerability in specific GitLab EE versions where authenticated users with developer permissions could improperly access sensitive deployment data due to flawed authorization checks.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-2601 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-2601.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1"
          ]
        }
      ],
      "title": "CVE-2026-2601"
    },
    {
      "cve": "CVE-2026-4868",
      "cwe": {
        "id": "CWE-639",
        "name": "Authorization Bypass Through User-Controlled Key"
      },
      "notes": [
        {
          "category": "other",
          "text": "Authorization Bypass Through User-Controlled Key",
          "title": "CWE-639"
        },
        {
          "category": "description",
          "text": "GitLab EE versions prior to 18.10.7, 18.11.4, and 19.0.1 contained a vulnerability allowing authenticated users to impersonate others and trigger Duo AI workflows due to improper user identity resolution.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-4868 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-4868.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1"
          ]
        }
      ],
      "title": "CVE-2026-4868"
    },
    {
      "cve": "CVE-2026-5296",
      "cwe": {
        "id": "CWE-862",
        "name": "Missing Authorization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Authorization",
          "title": "CWE-862"
        },
        {
          "category": "description",
          "text": "GitLab addressed a security vulnerability in GitLab EE versions 18.7 to before 18.10.7, 18.11 to before 18.11.4, and 19.0 to before 19.0.1 that allowed developer-role users to bypass flow restrictions when foundational flows were enabled at the group level.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-5296 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-5296.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1"
          ]
        }
      ],
      "title": "CVE-2026-5296"
    },
    {
      "cve": "CVE-2026-6713",
      "cwe": {
        "id": "CWE-863",
        "name": "Incorrect Authorization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incorrect Authorization",
          "title": "CWE-863"
        },
        {
          "category": "description",
          "text": "GitLab addressed a security vulnerability in versions 18.2 to before 18.10.7, 18.11 to before 18.11.4, and 19.0 to before 19.0.1 that allowed unauthorized users to enumerate private projects due to improper authorization checks.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-6713 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-6713.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1"
          ]
        }
      ],
      "title": "CVE-2026-6713"
    },
    {
      "cve": "CVE-2026-8716",
      "cwe": {
        "id": "CWE-706",
        "name": "Use of Incorrectly-Resolved Name or Reference"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use of Incorrectly-Resolved Name or Reference",
          "title": "CWE-706"
        },
        {
          "category": "description",
          "text": "GitLab addressed a vulnerability in versions 12.7 to before 18.10.7, 18.11 to before 18.11.4, and 19.0 to before 19.0.1 that allowed authenticated users to access continuous integration data from unintended reference types.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-8716 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-8716.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1"
          ]
        }
      ],
      "title": "CVE-2026-8716"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-8716 (GCVE-0-2026-8716)

bit-gitlab-2026-8716

Vulnerability from bitnami_vulndb

CERTFR-2026-AVI-0658

Solutions

FKIE_CVE-2026-8716

GHSA-5P55-QCQV-882W

NCSC-2026-0168

Tags

Sightings

Nomenclature