Multiple Vulnerabilities Identified in GitLab Affecting Several Versions

Multiple vulnerabilities have been discovered in GitLab that allow attackers to cause a remote denial of service and to bypass security policies. Affected releases are GitLab Community Edition (CE) and Enterprise Edition (EE) versions 18.11.x prior to 18.11.4, 19.x prior to 19.0.1, and all versions earlier than 18.10.7.

The French CERT has issued an advisory (CERTFR-2026-AVI-0658) urging users of the vulnerable releases to apply the vendor's patches. GitLab's security bulletin (released 27 May 2026) lists the following CVEs: CVE-2026-1402, CVE-2026-2601, CVE-2026-2710, CVE-2026-4868, CVE-2026-5296, CVE-2026-6713, and CVE-2026-8716. Attackers could trigger service interruptions or gain elevated privileges.

The advisory recommends upgrading to the latest GitLab version or applying the security patches provided by the vendor. Users should consult the GitLab documentation for update procedures.
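To triage an inventory against the affected ranges listed above, the following added example (not part of the advisory or of GitLab's tooling) classifies version strings as reported by instances. The host names and inventory are constructed sample data, and the function names are hypothetical.

```python
import re

# Fixed patch level per (major, minor) branch, taken from the ranges in the text above.
FIXED = {(18, 10): 7, (18, 11): 4, (19, 0): 1}


def parse_version(text):
    """Extract (major, minor, patch) from strings such as '18.11.3-ee' or 'v19.0.0'."""
    m = re.match(r"\s*v?(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognized GitLab version: {text!r}")
    return tuple(int(part) for part in m.groups())


def is_affected(text):
    """True if the version falls in one of the affected ranges named on this page."""
    major, minor, patch = parse_version(text)
    branch = (major, minor)
    if branch in FIXED:
        return patch < FIXED[branch]
    # Branches older than 18.10 are covered by "all versions earlier than 18.10.7".
    # Branches newer than 19.0 are outside the ranges stated on this page.
    return branch < (18, 10)


def triage(inventory):
    """Return the sorted host names whose reported version needs the update."""
    return sorted(host for host, version in inventory.items() if is_affected(version))


if __name__ == "__main__":
    # Constructed inventory: host name -> version string reported by the instance.
    sample = {
        "git-prod": "18.11.3-ee",
        "git-dev": "19.0.1-ee",
        "git-legacy": "17.9.2",
        "git-staging": "18.10.7",
    }
    for host in triage(sample):
        print(f"{host}: {sample[host]} is in an affected range, update required")
```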
