
GitLab — Vulnerabilities & Security Advisories 1055

Browse all 1055 CVE security advisories affecting GitLab. AI-powered Chinese analysis, POCs, and references for each vulnerability.

GitLab operates as a comprehensive DevOps platform, providing version control, continuous integration, and deployment capabilities primarily for software development teams. With over one thousand recorded CVEs, the software has historically been susceptible to critical vulnerability classes, including remote code execution, cross-site scripting, and privilege escalation attacks. These flaws often stem from complex integrations and API endpoints, allowing attackers to bypass authentication or execute arbitrary commands on affected servers. Notable incidents have included unauthorized access to private repositories and data exfiltration due to improper access controls. The high volume of vulnerabilities reflects the platform’s extensive feature set and frequent updates, necessitating rigorous patch management. Security assessments consistently highlight the importance of configuring secure defaults and monitoring for known exploit patterns to mitigate risks associated with its broad attack surface.

Found 992 results / 1055

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2026-1500 | Allocation of Resources Without Limits or Throttling in GitLab — GitLab | CWE-770 | 6.5 | Medium | 2026-06-11 |
| CVE-2026-3553 | Incorrect Authorization in GitLab — GitLab | CWE-863 | 3.1 | Low | 2026-06-11 |
| CVE-2026-6269 | Incorrect Authorization in GitLab — GitLab | CWE-863 | 5.4 | Medium | 2026-06-11 |
| CVE-2026-6277 | Incorrect Authorization in GitLab — GitLab | CWE-863 | 4.3 | Medium | 2026-06-11 |
| CVE-2026-6552 | Authorization Bypass Through User-Controlled Key in GitLab — GitLab | CWE-639 | 8.7 | High | 2026-06-11 |
| CVE-2026-6976 | Authorization Bypass Through User-Controlled Key in GitLab — GitLab | CWE-639 | 3.7 | Low | 2026-06-11 |
| CVE-2026-7250 | Allocation of Resources Without Limits or Throttling in GitLab — GitLab | CWE-770 | 7.5 | High | 2026-06-11 |
| CVE-2026-8589 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab — GitLab | CWE-79 | 7.3 | High | 2026-06-11 |
| CVE-2026-9204 | Server-Side Request Forgery (SSRF) in GitLab — GitLab | CWE-918 | 5.3 | Medium | 2026-06-11 |
| CVE-2026-9694 | Improper Neutralization of Substitution Characters in GitLab — GitLab | CWE-153 | 2.6 | Low | 2026-06-11 |
| CVE-2026-10087 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab — GitLab | CWE-79 | 8.7 | High | 2026-06-11 |
| CVE-2026-10733 | Improper Restriction of Rendered UI Layers or Frames in GitLab — GitLab | CWE-1021 | 4.3 | Medium | 2026-06-11 |
| CVE-2026-9807 | Incorrect Authorization in GitLab — GitLab | CWE-863 | 4.3 | Medium | 2026-05-28 |
| CVE-2026-1402 | Allocation of Resources Without Limits or Throttling in GitLab — GitLab | CWE-770 | 6.5 | Medium | 2026-05-27 |
| CVE-2026-2601 | Missing Authorization in GitLab — GitLab | CWE-862 | 4.3 | Medium | 2026-05-27 |
| CVE-2026-4868 | Authorization Bypass Through User-Controlled Key in GitLab — GitLab | CWE-639 | 8.2 | High | 2026-05-27 |
| CVE-2026-5296 | Missing Authorization in GitLab — GitLab | CWE-862 | 4.3 | Medium | 2026-05-27 |
| CVE-2026-6713 | Incorrect Authorization in GitLab — GitLab | CWE-863 | 5.3 | Medium | 2026-05-27 |
| CVE-2026-8716 | Use of Incorrectly-Resolved Name or Reference in GitLab — GitLab | CWE-706 | 4.3 | Medium | 2026-05-27 |
| CVE-2025-12669 | Improper Control of Generation of Code ('Code Injection') in GitLab — GitLab | CWE-94 | 5.4 | Medium | 2026-05-14 |
| CVE-2025-13874 | Authorization Bypass Through User-Controlled Key in GitLab — GitLab | CWE-639 | 4.3 | Medium | 2026-05-14 |
| CVE-2025-14869 | Improper Validation of Specified Quantity in Input in GitLab — GitLab | CWE-1284 | 7.5 | High | 2026-05-14 |
| CVE-2025-14870 | Allocation of Resources Without Limits or Throttling in GitLab — GitLab | CWE-770 | 7.5 | High | 2026-05-14 |
| CVE-2026-1184 | Deserialization of Untrusted Data in GitLab — GitLab | CWE-502 | 6.5 | Medium | 2026-05-14 |
| CVE-2026-1322 | Business Logic Errors in GitLab — GitLab | CWE-840 | 6.8 | Medium | 2026-05-14 |
| CVE-2026-1338 | Authorization Bypass Through User-Controlled Key in GitLab — GitLab | CWE-639 | 4.3 | Medium | 2026-05-14 |
| CVE-2026-1659 | Allocation of Resources Without Limits or Throttling in GitLab — GitLab | CWE-770 | 7.5 | High | 2026-05-14 |
| CVE-2026-2900 | Missing Authorization in GitLab — GitLab | CWE-862 | 2.7 | Low | 2026-05-14 |
| CVE-2026-3073 | Authorization Bypass Through User-Controlled Key in GitLab — GitLab | CWE-639 | 4.3 | Medium | 2026-05-14 |
| CVE-2026-3074 | Authorization Bypass Through User-Controlled Key in GitLab — GitLab | CWE-639 | 4.3 | Medium | 2026-05-14 |

This page lists every published CVE security advisory associated with GitLab. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.