Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

GitLab — Vulnerabilities & Security Advisories 1012

Browse all 1012 CVE security advisories affecting GitLab. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by GitLab:GitLabGitLab CE/EEGitLab Community and Enterprise EditionsGitLab EEGitLab Runnergitlab-vscode-extensionDASTGitLab Community Edition and GitLab Enterprise EditionGitalyGitLab PagesDAST API scannerGitLab DAST API scannerGitLab VSCode ForkGitLab Language ServerGitLab AI Gateway
CVE IDTitleCVSSSeverityPublished
CVE-2026-3254 Improper Restriction of Rendered UI Layers or Frames in GitLab — GitLabCWE-1021 3.5 Low2026-04-22
CVE-2026-4922 Cross-Site Request Forgery (CSRF) in GitLab — GitLabCWE-352 8.1 High2026-04-22
CVE-2025-0186 Allocation of Resources Without Limits or Throttling in GitLab — GitLabCWE-770 6.5 Medium2026-04-22
CVE-2025-3922 Allocation of Resources Without Limits or Throttling in GitLab — GitLabCWE-770 6.5 Medium2026-04-22
CVE-2025-6016 Allocation of Resources Without Limits or Throttling in GitLab — GitLabCWE-770 6.5 Medium2026-04-22
CVE-2025-9957 Incorrect Authorization in GitLab — GitLabCWE-863 2.7 Low2026-04-22
CVE-2026-1660 Allocation of Resources Without Limits or Throttling in GitLab — GitLabCWE-770 6.5 Medium2026-04-22
CVE-2026-5262 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab — GitLabCWE-79 8.0 High2026-04-22
CVE-2026-5377 Incorrect Authorization in GitLab — GitLabCWE-863 4.3 Medium2026-04-22
CVE-2026-5816 Improper Resolution of Path Equivalence in GitLab — GitLabCWE-41 8.0 High2026-04-22
CVE-2026-6515 Insufficient Session Expiration in GitLab — GitLabCWE-613 5.4 Medium2026-04-22
CVE-2025-9484 Missing Authorization in GitLab — GitLabCWE-862 4.3 Medium2026-04-08
CVE-2025-12664 Improper Validation of Specified Quantity in Input in GitLab — GitLabCWE-1284 7.5 High2026-04-08
CVE-2026-1092 Improper Validation of Specified Quantity in Input in GitLab — GitLabCWE-1284 7.5 High2026-04-08
CVE-2026-1101 Improper Validation of Specified Quantity in Input in GitLab — GitLabCWE-1284 6.5 Medium2026-04-08
CVE-2026-1516 Improper Control of Generation of Code ('Code Injection') in GitLab — GitLabCWE-94 5.7 Medium2026-04-08
CVE-2026-1752 Incorrect Authorization in GitLab — GitLabCWE-863 4.3 Medium2026-04-08
CVE-2026-2104 Authorization Bypass Through User-Controlled Key in GitLab — GitLabCWE-639 4.3 Medium2026-04-08
CVE-2026-2619 Incorrect Authorization in GitLab — GitLabCWE-863 4.3 Medium2026-04-08
CVE-2026-4332 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab — GitLabCWE-79 5.4 Medium2026-04-08
CVE-2026-4916 Missing Authorization in GitLab — GitLabCWE-862 2.7 Low2026-04-08
CVE-2026-5173 Exposed Dangerous Method or Function in GitLab — GitLabCWE-749 8.5 High2026-04-08
CVE-2026-2370 Improper Handling of Parameters in GitLab — GitLabCWE-233 8.1 High2026-03-29
CVE-2025-13078 Improper Validation of Specified Quantity in Input in GitLab — GitLabCWE-1284 6.5 Medium2026-03-25
CVE-2025-13436 Allocation of Resources Without Limits or Throttling in GitLab — GitLabCWE-770 6.5 Medium2026-03-25
CVE-2025-14595 Missing Authorization in GitLab — GitLabCWE-862 4.3 Medium2026-03-25
CVE-2026-1724 Missing Authentication for Critical Function in GitLab — GitLabCWE-306 6.8 Medium2026-03-25
CVE-2026-2745 Authentication Bypass Using an Alternate Path or Channel in GitLab — GitLabCWE-288 6.8 Medium2026-03-25
CVE-2026-2726 Incorrect Authorization in GitLab — GitLabCWE-863 4.3 Medium2026-03-25
CVE-2026-2973 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab — GitLabCWE-79 5.4 Medium2026-03-25

This page lists every published CVE security advisory associated with GitLab. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.