GitLab — Vulnerabilities & Security Advisories 1012

Browse all 1012 CVE security advisories affecting GitLab. AI-powered Chinese analysis, POCs, and references for each vulnerability.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-2995 | Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in GitLab — GitLab CWE-80 | 7.7 | High | 2026-03-25 |
| CVE-2026-3857 | Cross-Site Request Forgery (CSRF) in GitLab — GitLab CWE-352 | 8.1 | High | 2026-03-25 |
| CVE-2026-3988 | Inefficient Algorithmic Complexity in GitLab — GitLab CWE-407 | 7.5 | High | 2026-03-25 |
| CVE-2026-4363 | Incorrect Authorization in GitLab — GitLab CWE-863 | 3.7 | Low | 2026-03-25 |
| CVE-2026-1182 | Improper Removal of Sensitive Information Before Storage or Transfer in GitLab — GitLab CWE-212 | 4.3 | Medium | 2026-03-12 |
| CVE-2025-12555 | Incorrect Authorization in GitLab — GitLab CWE-863 | 4.3 | Medium | 2026-03-11 |
| CVE-2025-12576 | Allocation of Resources Without Limits or Throttling in GitLab — GitLab CWE-770 | 6.5 | Medium | 2026-03-11 |
| CVE-2025-12697 | Improper Encoding or Escaping of Output in GitLab — GitLab CWE-116 | 2.2 | Low | 2026-03-11 |
| CVE-2025-12704 | Missing Authorization in GitLab — GitLab CWE-862 | 3.5 | Low | 2026-03-11 |
| CVE-2025-13690 | Allocation of Resources Without Limits or Throttling in GitLab — GitLab CWE-770 | 6.5 | Medium | 2026-03-11 |
| CVE-2025-13929 | Allocation of Resources Without Limits or Throttling in GitLab — GitLab CWE-770 | 7.5 | High | 2026-03-11 |
| CVE-2025-14513 | Improper Validation of Specified Quantity in Input in GitLab — GitLab CWE-1284 | 7.5 | High | 2026-03-11 |
| CVE-2026-0602 | Authentication Bypass Using an Alternate Path or Channel in GitLab — GitLab CWE-288 | 4.3 | Medium | 2026-03-11 |
| CVE-2026-1069 | Uncontrolled Recursion in GitLab — GitLab CWE-674 | 7.5 | High | 2026-03-11 |
| CVE-2026-1090 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab — GitLab CWE-79 | 8.7 | High | 2026-03-11 |
| CVE-2026-1230 | Use of Incorrectly-Resolved Name or Reference in GitLab — GitLab CWE-706 | 4.1 | Medium | 2026-03-11 |
| CVE-2026-1663 | Missing Authorization in GitLab — GitLab CWE-862 | 4.3 | Medium | 2026-03-11 |
| CVE-2026-1732 | Improper Removal of Sensitive Information Before Storage or Transfer in GitLab — GitLab CWE-212 | 4.3 | Medium | 2026-03-11 |
| CVE-2026-3848 | Improper Neutralization of CRLF Sequences ('CRLF Injection') in GitLab — GitLab CWE-93 | 5.0 | Medium | 2026-03-11 |
| CVE-2025-14511 | Improper Validation of Specified Quantity in Input in GitLab — GitLab CWE-1284 | 7.5 | High | 2026-02-25 |
| CVE-2026-0752 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab — GitLab CWE-79 | 8.0 | High | 2026-02-25 |
| CVE-2026-1388 | Inefficient Regular Expression Complexity in GitLab — GitLab CWE-1333 | 7.5 | High | 2026-02-25 |
| CVE-2026-1662 | Allocation of Resources Without Limits or Throttling in GitLab — GitLab CWE-770 | 7.5 | High | 2026-02-25 |
| CVE-2026-1747 | Authentication Bypass Using an Alternate Path or Channel in GitLab — GitLab CWE-288 | 4.3 | Medium | 2026-02-25 |
| CVE-2026-1725 | Allocation of Resources Without Limits or Throttling in GitLab — GitLab CWE-770 | 5.3 | Medium | 2026-02-25 |
| CVE-2026-2845 | Allocation of Resources Without Limits or Throttling in GitLab — GitLab CWE-770 | 6.5 | Medium | 2026-02-25 |
| CVE-2025-3525 | Allocation of Resources Without Limits or Throttling in GitLab — GitLab CWE-770 | 6.5 | Medium | 2026-02-25 |
| CVE-2025-14103 | Missing Authorization in GitLab — GitLab CWE-862 | 4.3 | Medium | 2026-02-25 |
| CVE-2025-7659 | Origin Validation Error in GitLab — GitLab CWE-346 | 8.0 | High | 2026-02-11 |
| CVE-2025-8099 | Allocation of Resources Without Limits or Throttling in GitLab — GitLab CWE-770 | 7.5 | High | 2026-02-11 |

This page lists every published CVE security advisory associated with GitLab. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.