Gitlab
This hub aggregates every CVE we track for Gitlab, a product in the devtools ci space. Use it to gauge the current risk picture and drill into individual advisories.
1,409
CVEs tracked
59
Critical
291
High
4
In CISA KEV
Severity distribution
MEDIUM883HIGH291LOW176CRITICAL59
Monthly trend
15
21
10
12
12
10
19
22
8
14
20
10
15
16
10
14
11
13
25
27
22
31
24
0
2024-082026-07
Latest CVEs
The 15 most recently published vulnerabilities affecting Gitlab.
- CVE-2026-10086Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab8.7
- CVE-2026-0934Incorrect Authorization in GitLab3.8
- CVE-2026-1606Improper Control of Generation of Code ('Code Injection') in GitLab4.3
- CVE-2026-2238Missing Authorization in GitLab5.3
- CVE-2026-3176Missing Authorization in GitLab3.1
- CVE-2026-5309Authorization Bypass Through User-Controlled Key in GitLab5.4
- CVE-2026-5796Incorrect Authorization in GitLab4.3
- CVE-2026-5952Incorrect Authorization in GitLab4.3
- CVE-2026-8330Insertion of Sensitive Information into Log File in GitLab4.4
- CVE-2026-10712Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab8.0
- CVE-2026-11379Incorrect Authorization in GitLab5.3
- CVE-2026-12053Insertion of Sensitive Information into Log File in GitLab8.6
- CVE-2026-1500Allocation of Resources Without Limits or Throttling in GitLab6.5
- CVE-2026-3553Incorrect Authorization in GitLab3.1
- CVE-2026-6269Incorrect Authorization in GitLab5.4
Product normalization is registry-driven with AI assist and human review. How it works