Search

Find a vulnerability

Search criteria

    1268 vulnerabilities

    CVE-2026-15168 (GCVE-0-2026-15168)

    Vulnerability from cvelistv5 – Published: 2026-07-08 21:47 – Updated: 2026-07-09 13:54
    VLAI
    Title
    Use of Uninitialized Variable in Wireshark
    Summary
    BLF file parser in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows possible information disclosure
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-457 - Use of Uninitialized Variable
    Assigner
    Impacted products
    Vendor Product Version
    Wireshark Foundation Wireshark Affected: 4.6.0 , < 4.6.7 (semver)
    Affected: 4.4.0 , < 4.4.17 (semver)
    Create a notification for this product.
    Credits
    Thai Duong Tran
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-15168",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T13:53:59.967240Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T13:54:17.773Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://gitlab.com/wireshark/wireshark/-/work_items/21361"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Wireshark",
              "vendor": "Wireshark Foundation",
              "versions": [
                {
                  "lessThan": "4.6.7",
                  "status": "affected",
                  "version": "4.6.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "4.4.17",
                  "status": "affected",
                  "version": "4.4.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Thai Duong Tran"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "BLF file parser in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows possible information disclosure"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 2.5,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-457",
                  "description": "CWE-457: Use of Uninitialized Variable",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-08T21:47:19.856Z",
            "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
            "shortName": "GitLab"
          },
          "references": [
            {
              "url": "https://www.wireshark.org/security/wnpa-sec-2026-60.html"
            },
            {
              "url": "https://gitlab.com/wireshark/wireshark/-/work_items/21361"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to version 4.6.7 or above"
            }
          ],
          "title": "Use of Uninitialized Variable in Wireshark"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "assignerShortName": "GitLab",
        "cveId": "CVE-2026-15168",
        "datePublished": "2026-07-08T21:47:19.856Z",
        "dateReserved": "2026-07-08T20:45:38.879Z",
        "dateUpdated": "2026-07-09T13:54:17.773Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-15166 (GCVE-0-2026-15166)

    Vulnerability from cvelistv5 – Published: 2026-07-08 20:55 – Updated: 2026-07-09 13:13
    VLAI
    Title
    Stack-based Buffer Overflow in Wireshark
    Summary
    IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Wireshark Foundation Wireshark Affected: 4.6.0 , < 4.6.7 (semver)
    Affected: 4.4.0 , < 4.4.17 (semver)
    Create a notification for this product.
    Credits
    Claude and Ada Logics
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-15166",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T13:13:42.996528Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T13:13:51.109Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://gitlab.com/wireshark/wireshark/-/work_items/21391"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Wireshark",
              "vendor": "Wireshark Foundation",
              "versions": [
                {
                  "lessThan": "4.6.7",
                  "status": "affected",
                  "version": "4.6.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "4.4.17",
                  "status": "affected",
                  "version": "4.4.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Claude and Ada Logics"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121: Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-08T20:55:55.070Z",
            "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
            "shortName": "GitLab"
          },
          "references": [
            {
              "url": "https://www.wireshark.org/security/wnpa-sec-2026-57.html"
            },
            {
              "url": "https://gitlab.com/wireshark/wireshark/-/work_items/21391"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to version 4.6.7 or above"
            }
          ],
          "title": "Stack-based Buffer Overflow in Wireshark"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "assignerShortName": "GitLab",
        "cveId": "CVE-2026-15166",
        "datePublished": "2026-07-08T20:55:55.070Z",
        "dateReserved": "2026-07-08T20:45:28.864Z",
        "dateUpdated": "2026-07-09T13:13:51.109Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-15174 (GCVE-0-2026-15174)

    Vulnerability from cvelistv5 – Published: 2026-07-08 20:51 – Updated: 2026-07-09 13:14
    VLAI
    Title
    Heap-based Buffer Overflow in Wireshark
    Summary
    Catapult DCT2000 protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Wireshark Foundation Wireshark Affected: 4.6.0 , < 4.6.7 (semver)
    Affected: 4.4.0 , < 4.4.17 (semver)
    Create a notification for this product.
    Credits
    Michael Bommarito
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-15174",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T13:14:34.596925Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T13:14:37.906Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://gitlab.com/wireshark/wireshark/-/work_items/21270"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Wireshark",
              "vendor": "Wireshark Foundation",
              "versions": [
                {
                  "lessThan": "4.6.7",
                  "status": "affected",
                  "version": "4.6.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "4.4.17",
                  "status": "affected",
                  "version": "4.4.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Michael Bommarito"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Catapult DCT2000 protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122: Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-08T20:51:25.274Z",
            "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
            "shortName": "GitLab"
          },
          "references": [
            {
              "url": "https://www.wireshark.org/security/wnpa-sec-2026-52.html"
            },
            {
              "url": "https://gitlab.com/wireshark/wireshark/-/work_items/21270"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to version 4.6.7 or above"
            }
          ],
          "title": "Heap-based Buffer Overflow in Wireshark"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "assignerShortName": "GitLab",
        "cveId": "CVE-2026-15174",
        "datePublished": "2026-07-08T20:51:25.274Z",
        "dateReserved": "2026-07-08T20:46:08.884Z",
        "dateUpdated": "2026-07-09T13:14:37.906Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-15172 (GCVE-0-2026-15172)

    Vulnerability from cvelistv5 – Published: 2026-07-08 20:51 – Updated: 2026-07-09 13:42
    VLAI
    Title
    Unchecked Input for Loop Condition in Wireshark
    Summary
    FMP/NOTIFY protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-606 - Unchecked Input for Loop Condition
    Assigner
    Impacted products
    Vendor Product Version
    Wireshark Foundation Wireshark Affected: 4.6.0 , < 4.6.7 (semver)
    Affected: 4.4.0 , < 4.4.17 (semver)
    Create a notification for this product.
    Credits
    Gabriel Rodrigues
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-15172",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T13:42:40.189292Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T13:42:52.886Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Wireshark",
              "vendor": "Wireshark Foundation",
              "versions": [
                {
                  "lessThan": "4.6.7",
                  "status": "affected",
                  "version": "4.6.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "4.4.17",
                  "status": "affected",
                  "version": "4.4.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Gabriel Rodrigues"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "FMP/NOTIFY protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-606",
                  "description": "CWE-606: Unchecked Input for Loop Condition",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-08T20:51:20.287Z",
            "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
            "shortName": "GitLab"
          },
          "references": [
            {
              "url": "https://www.wireshark.org/security/wnpa-sec-2026-54.html"
            },
            {
              "url": "https://gitlab.com/wireshark/wireshark/-/work_items/21347"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to version 4.6.7 or above"
            }
          ],
          "title": "Unchecked Input for Loop Condition in Wireshark"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "assignerShortName": "GitLab",
        "cveId": "CVE-2026-15172",
        "datePublished": "2026-07-08T20:51:20.287Z",
        "dateReserved": "2026-07-08T20:45:58.875Z",
        "dateUpdated": "2026-07-09T13:42:52.886Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-15173 (GCVE-0-2026-15173)

    Vulnerability from cvelistv5 – Published: 2026-07-08 20:51 – Updated: 2026-07-09 13:44
    VLAI
    Title
    Heap-based Buffer Overflow in Wireshark
    Summary
    pcapng file parser crash in Wireshark 4.6.0 to 4.6.6 allows denial of service
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Wireshark Foundation Wireshark Affected: 4.6.0 , < 4.6.7 (semver)
    Create a notification for this product.
    Credits
    Mitchell Benjamin
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-15173",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T13:44:18.595204Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T13:44:23.196Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://gitlab.com/wireshark/wireshark/-/work_items/21285"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Wireshark",
              "vendor": "Wireshark Foundation",
              "versions": [
                {
                  "lessThan": "4.6.7",
                  "status": "affected",
                  "version": "4.6.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Mitchell Benjamin"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "pcapng file parser crash in Wireshark 4.6.0 to 4.6.6 allows denial of service"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 4.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122: Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-08T20:51:15.275Z",
            "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
            "shortName": "GitLab"
          },
          "references": [
            {
              "url": "https://www.wireshark.org/security/wnpa-sec-2026-53.html"
            },
            {
              "url": "https://gitlab.com/wireshark/wireshark/-/work_items/21285"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to version 4.6.7 or above"
            }
          ],
          "title": "Heap-based Buffer Overflow in Wireshark"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "assignerShortName": "GitLab",
        "cveId": "CVE-2026-15173",
        "datePublished": "2026-07-08T20:51:15.275Z",
        "dateReserved": "2026-07-08T20:46:03.869Z",
        "dateUpdated": "2026-07-09T13:44:23.196Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-15171 (GCVE-0-2026-15171)

    Vulnerability from cvelistv5 – Published: 2026-07-08 20:51 – Updated: 2026-07-09 13:44
    VLAI
    Title
    NULL Pointer Dereference in Wireshark
    Summary
    SSH protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Impacted products
    Vendor Product Version
    Wireshark Foundation Wireshark Affected: 4.6.0 , < 4.6.7 (semver)
    Affected: 4.4.0 , < 4.4.17 (semver)
    Create a notification for this product.
    Credits
    Dmitrijs Trizna
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-15171",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T13:44:51.561918Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T13:44:55.663Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://gitlab.com/wireshark/wireshark/-/work_items/21378"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Wireshark",
              "vendor": "Wireshark Foundation",
              "versions": [
                {
                  "lessThan": "4.6.7",
                  "status": "affected",
                  "version": "4.6.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "4.4.17",
                  "status": "affected",
                  "version": "4.4.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Dmitrijs Trizna"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "SSH protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476: NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-08T20:51:10.283Z",
            "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
            "shortName": "GitLab"
          },
          "references": [
            {
              "url": "https://www.wireshark.org/security/wnpa-sec-2026-55.html"
            },
            {
              "url": "https://gitlab.com/wireshark/wireshark/-/work_items/21378"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to version 4.6.7 or above"
            }
          ],
          "title": "NULL Pointer Dereference in Wireshark"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "assignerShortName": "GitLab",
        "cveId": "CVE-2026-15171",
        "datePublished": "2026-07-08T20:51:10.283Z",
        "dateReserved": "2026-07-08T20:45:53.857Z",
        "dateUpdated": "2026-07-09T13:44:55.663Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-15169 (GCVE-0-2026-15169)

    Vulnerability from cvelistv5 – Published: 2026-07-08 20:51 – Updated: 2026-07-09 13:45
    VLAI
    Title
    Heap-based Buffer Overflow in Wireshark
    Summary
    UMTS FP protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Wireshark Foundation Wireshark Affected: 4.6.0 , < 4.6.7 (semver)
    Affected: 4.4.0 , < 4.4.17 (semver)
    Create a notification for this product.
    Credits
    Claude and Ada Logics
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-15169",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T13:45:23.407997Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T13:45:27.007Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://gitlab.com/wireshark/wireshark/-/work_items/21398"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Wireshark",
              "vendor": "Wireshark Foundation",
              "versions": [
                {
                  "lessThan": "4.6.7",
                  "status": "affected",
                  "version": "4.6.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "4.4.17",
                  "status": "affected",
                  "version": "4.4.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Claude and Ada Logics"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "UMTS FP protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122: Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-08T20:51:05.273Z",
            "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
            "shortName": "GitLab"
          },
          "references": [
            {
              "url": "https://www.wireshark.org/security/wnpa-sec-2026-59.html"
            },
            {
              "url": "https://gitlab.com/wireshark/wireshark/-/work_items/21398"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to version 4.6.7 or above"
            }
          ],
          "title": "Heap-based Buffer Overflow in Wireshark"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "assignerShortName": "GitLab",
        "cveId": "CVE-2026-15169",
        "datePublished": "2026-07-08T20:51:05.273Z",
        "dateReserved": "2026-07-08T20:45:43.874Z",
        "dateUpdated": "2026-07-09T13:45:27.007Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-15167 (GCVE-0-2026-15167)

    Vulnerability from cvelistv5 – Published: 2026-07-08 20:51 – Updated: 2026-07-09 13:45
    VLAI
    Title
    Stack-based Buffer Overflow in Wireshark
    Summary
    DBS Etherwatch file parser crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Wireshark Foundation Wireshark Affected: 4.6.0 , < 4.6.7 (semver)
    Affected: 4.4.0 , < 4.4.17 (semver)
    Create a notification for this product.
    Credits
    Nguyen Huu Trung
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-15167",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T13:45:52.891240Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T13:45:58.260Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Wireshark",
              "vendor": "Wireshark Foundation",
              "versions": [
                {
                  "lessThan": "4.6.7",
                  "status": "affected",
                  "version": "4.6.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "4.4.17",
                  "status": "affected",
                  "version": "4.4.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Nguyen Huu Trung"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "DBS Etherwatch file parser crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121: Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-08T20:51:00.295Z",
            "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
            "shortName": "GitLab"
          },
          "references": [
            {
              "url": "https://www.wireshark.org/security/wnpa-sec-2026-62.html"
            },
            {
              "url": "https://gitlab.com/wireshark/wireshark/-/work_items/21352"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to version 4.6.7 or above"
            }
          ],
          "title": "Stack-based Buffer Overflow in Wireshark"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "assignerShortName": "GitLab",
        "cveId": "CVE-2026-15167",
        "datePublished": "2026-07-08T20:51:00.295Z",
        "dateReserved": "2026-07-08T20:45:33.866Z",
        "dateUpdated": "2026-07-09T13:45:58.260Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-15170 (GCVE-0-2026-15170)

    Vulnerability from cvelistv5 – Published: 2026-07-08 20:50 – Updated: 2026-07-09 13:46
    VLAI
    Title
    Heap-based Buffer Overflow in Wireshark
    Summary
    Z39.50 protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Wireshark Foundation Wireshark Affected: 4.6.0 , < 4.6.7 (semver)
    Affected: 4.4.0 , < 4.4.17 (semver)
    Create a notification for this product.
    Credits
    Claude and Ada Logics
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-15170",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T13:46:27.644761Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T13:46:30.782Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://gitlab.com/wireshark/wireshark/-/work_items/21397"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Wireshark",
              "vendor": "Wireshark Foundation",
              "versions": [
                {
                  "lessThan": "4.6.7",
                  "status": "affected",
                  "version": "4.6.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "4.4.17",
                  "status": "affected",
                  "version": "4.4.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Claude and Ada Logics"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Z39.50 protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122: Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-08T20:50:50.275Z",
            "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
            "shortName": "GitLab"
          },
          "references": [
            {
              "url": "https://www.wireshark.org/security/wnpa-sec-2026-58.html"
            },
            {
              "url": "https://gitlab.com/wireshark/wireshark/-/work_items/21397"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to version 4.6.7 or above"
            }
          ],
          "title": "Heap-based Buffer Overflow in Wireshark"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "assignerShortName": "GitLab",
        "cveId": "CVE-2026-15170",
        "datePublished": "2026-07-08T20:50:50.275Z",
        "dateReserved": "2026-07-08T20:45:48.875Z",
        "dateUpdated": "2026-07-09T13:46:30.782Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-15165 (GCVE-0-2026-15165)

    Vulnerability from cvelistv5 – Published: 2026-07-08 20:50 – Updated: 2026-07-09 13:47
    VLAI
    Title
    Heap-based Buffer Overflow in Wireshark
    Summary
    TLS ECH decryptor crash in Wireshark 4.6.0 to 4.6.6 allows denial of service
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Wireshark Foundation Wireshark Affected: 4.6.0 , < 4.6.7 (semver)
    Create a notification for this product.
    Credits
    Claude and Ada Logics
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-15165",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T13:46:53.770490Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T13:47:02.064Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://gitlab.com/wireshark/wireshark/-/work_items/21390"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Wireshark",
              "vendor": "Wireshark Foundation",
              "versions": [
                {
                  "lessThan": "4.6.7",
                  "status": "affected",
                  "version": "4.6.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Claude and Ada Logics"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "TLS ECH decryptor crash in Wireshark 4.6.0 to 4.6.6 allows denial of service"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122: Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-08T20:50:45.283Z",
            "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
            "shortName": "GitLab"
          },
          "references": [
            {
              "url": "https://www.wireshark.org/security/wnpa-sec-2026-56.html"
            },
            {
              "url": "https://gitlab.com/wireshark/wireshark/-/work_items/21390"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to version 4.6.7 or above"
            }
          ],
          "title": "Heap-based Buffer Overflow in Wireshark"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "assignerShortName": "GitLab",
        "cveId": "CVE-2026-15165",
        "datePublished": "2026-07-08T20:50:45.283Z",
        "dateReserved": "2026-07-08T20:45:23.874Z",
        "dateUpdated": "2026-07-09T13:47:02.064Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-15163 (GCVE-0-2026-15163)

    Vulnerability from cvelistv5 – Published: 2026-07-08 20:50 – Updated: 2026-07-09 13:49
    VLAI
    Title
    Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark
    Summary
    Multiple protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allow denial of service
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
    Assigner
    Impacted products
    Vendor Product Version
    Wireshark Foundation Wireshark Affected: 4.6.0 , < 4.6.7 (semver)
    Affected: 4.4.0 , < 4.4.17 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-15163",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T13:49:18.560769Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T13:49:25.283Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Wireshark",
              "vendor": "Wireshark Foundation",
              "versions": [
                {
                  "lessThan": "4.6.7",
                  "status": "affected",
                  "version": "4.6.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "4.4.17",
                  "status": "affected",
                  "version": "4.4.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allow denial of service"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-835",
                  "description": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-08T20:50:40.278Z",
            "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
            "shortName": "GitLab"
          },
          "references": [
            {
              "url": "https://www.wireshark.org/security/wnpa-sec-2026-61.html"
            },
            {
              "url": "https://gitlab.com/wireshark/wireshark/-/work_items/21275"
            },
            {
              "url": "https://gitlab.com/wireshark/wireshark/-/work_items/21277"
            },
            {
              "url": "https://gitlab.com/wireshark/wireshark/-/work_items/21330"
            },
            {
              "url": "https://gitlab.com/wireshark/wireshark/-/work_items/21383"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to version 4.6.7 or above"
            }
          ],
          "title": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027) in Wireshark"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "assignerShortName": "GitLab",
        "cveId": "CVE-2026-15163",
        "datePublished": "2026-07-08T20:50:40.278Z",
        "dateReserved": "2026-07-08T20:45:13.994Z",
        "dateUpdated": "2026-07-09T13:49:25.283Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-15164 (GCVE-0-2026-15164)

    Vulnerability from cvelistv5 – Published: 2026-07-08 20:50 – Updated: 2026-07-09 13:50
    VLAI
    Title
    Heap-based Buffer Overflow in ciscodump
    Summary
    Crash in ciscodump 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Wireshark Foundation ciscodump Affected: 4.6.0 , < 4.6.7 (semver)
    Affected: 4.4.0 , < 4.4.17 (semver)
    Create a notification for this product.
    Credits
    0sec and Doruk Tan Ozturk
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-15164",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T13:50:05.522806Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T13:50:08.985Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://gitlab.com/wireshark/wireshark/-/work_items/21375"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ciscodump",
              "vendor": "Wireshark Foundation",
              "versions": [
                {
                  "lessThan": "4.6.7",
                  "status": "affected",
                  "version": "4.6.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "4.4.17",
                  "status": "affected",
                  "version": "4.4.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "0sec and Doruk Tan Ozturk"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Crash in ciscodump 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122: Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-08T20:50:35.393Z",
            "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
            "shortName": "GitLab"
          },
          "references": [
            {
              "url": "https://www.wireshark.org/security/wnpa-sec-2026-63.html"
            },
            {
              "url": "https://gitlab.com/wireshark/wireshark/-/work_items/21375"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to version 4.6.7 or above"
            }
          ],
          "title": "Heap-based Buffer Overflow in ciscodump"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "assignerShortName": "GitLab",
        "cveId": "CVE-2026-15164",
        "datePublished": "2026-07-08T20:50:35.393Z",
        "dateReserved": "2026-07-08T20:45:18.867Z",
        "dateUpdated": "2026-07-09T13:50:08.985Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-12506 (GCVE-0-2025-12506)

    Vulnerability from cvelistv5 – Published: 2026-07-08 20:47 – Updated: 2026-07-09 13:53
    VLAI
    Title
    Use of Incorrectly-Resolved Name or Reference in GitLab
    Summary
    GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.5 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user to create a repository where the content displayed in the web interface differed from the content available for download, due to improper handling of Git reference name resolution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-706 - Use of Incorrectly-Resolved Name or Reference
    Assigner
    Impacted products
    Vendor Product Version
    GitLab GitLab Affected: 16.5 , < 18.11.7 (semver)
    Affected: 19.0 , < 19.0.4 (semver)
    Affected: 19.1 , < 19.1.2 (semver)
        cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Thanks [shells3c](https://hackerone.com/shells3c) for reporting this vulnerability through our HackerOne bug bounty program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-12506",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T13:53:19.849180Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T13:53:34.205Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "GitLab",
              "repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
              "vendor": "GitLab",
              "versions": [
                {
                  "lessThan": "18.11.7",
                  "status": "affected",
                  "version": "16.5",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.0.4",
                  "status": "affected",
                  "version": "19.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.1.2",
                  "status": "affected",
                  "version": "19.1",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Thanks [shells3c](https://hackerone.com/shells3c) for reporting this vulnerability through our HackerOne bug bounty program"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.5 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user to create a repository where the content displayed in the web interface differed from the content available for download, due to improper handling of Git reference name resolution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-706",
                  "description": "CWE-706: Use of Incorrectly-Resolved Name or Reference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-08T20:47:28.863Z",
            "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
            "shortName": "GitLab"
          },
          "references": [
            {
              "name": "HackerOne Bug Bounty Report #3351460",
              "tags": [
                "technical-description",
                "exploit",
                "permissions-required"
              ],
              "url": "https://hackerone.com/reports/3351460"
            },
            {
              "url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/578988"
            },
            {
              "url": "https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-2-released/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to versions 18.11.7, 19.0.4, 19.1.2 or above."
            }
          ],
          "title": "Use of Incorrectly-Resolved Name or Reference in GitLab"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "assignerShortName": "GitLab",
        "cveId": "CVE-2025-12506",
        "datePublished": "2026-07-08T20:47:28.863Z",
        "dateReserved": "2025-10-30T14:05:29.287Z",
        "dateUpdated": "2026-07-09T13:53:34.205Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-6352 (GCVE-0-2026-6352)

    Vulnerability from cvelistv5 – Published: 2026-07-08 20:46 – Updated: 2026-07-09 14:13
    VLAI
    Title
    Incorrect Authorization in GitLab
    Summary
    GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with auditor-level access to modify compliance violation records due to improper authorization on certain GraphQL operations.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-863 - Incorrect Authorization
    Assigner
    Impacted products
    Vendor Product Version
    GitLab GitLab Affected: 18.2 , < 18.11.7 (semver)
    Affected: 19.0 , < 19.0.4 (semver)
    Affected: 19.1 , < 19.1.2 (semver)
        cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Thanks [amanverasia](https://hackerone.com/amanverasia) for reporting this vulnerability through our HackerOne bug bounty program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-6352",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T14:13:12.188493Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T14:13:17.427Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "GitLab",
              "repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
              "vendor": "GitLab",
              "versions": [
                {
                  "lessThan": "18.11.7",
                  "status": "affected",
                  "version": "18.2",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.0.4",
                  "status": "affected",
                  "version": "19.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.1.2",
                  "status": "affected",
                  "version": "19.1",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Thanks [amanverasia](https://hackerone.com/amanverasia) for reporting this vulnerability through our HackerOne bug bounty program"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with auditor-level access to modify compliance violation records due to improper authorization on certain GraphQL operations."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 2.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "CWE-863: Incorrect Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-08T20:46:43.862Z",
            "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
            "shortName": "GitLab"
          },
          "references": [
            {
              "url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/596789"
            },
            {
              "name": "HackerOne Bug Bounty Report #3631344",
              "tags": [
                "technical-description",
                "exploit",
                "permissions-required"
              ],
              "url": "https://hackerone.com/reports/3631344"
            },
            {
              "url": "https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-2-released/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to versions 18.11.7, 19.0.4, 19.1.2 or above."
            }
          ],
          "title": "Incorrect Authorization in GitLab"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "assignerShortName": "GitLab",
        "cveId": "CVE-2026-6352",
        "datePublished": "2026-07-08T20:46:43.862Z",
        "dateReserved": "2026-04-15T13:03:48.044Z",
        "dateUpdated": "2026-07-09T14:13:17.427Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-6896 (GCVE-0-2026-6896)

    Vulnerability from cvelistv5 – Published: 2026-07-08 20:46 – Updated: 2026-07-09 14:13
    VLAI
    Title
    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
    Summary
    GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with developer-role permissions to execute arbitrary scripts in another user's browser session due to improper sanitization of user-supplied input.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    GitLab GitLab Affected: 13.11 , < 18.11.7 (semver)
    Affected: 19.0 , < 19.0.4 (semver)
    Affected: 19.1 , < 19.1.2 (semver)
        cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Thanks [yvvdwf](https://hackerone.com/yvvdwf) for reporting this vulnerability through our HackerOne bug bounty program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-6896",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T14:13:44.236024Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T14:13:51.367Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "GitLab",
              "repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
              "vendor": "GitLab",
              "versions": [
                {
                  "lessThan": "18.11.7",
                  "status": "affected",
                  "version": "13.11",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.0.4",
                  "status": "affected",
                  "version": "19.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.1.2",
                  "status": "affected",
                  "version": "19.1",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Thanks [yvvdwf](https://hackerone.com/yvvdwf) for reporting this vulnerability through our HackerOne bug bounty program"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with developer-role permissions to execute arbitrary scripts in another user\u0027s browser session due to improper sanitization of user-supplied input."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-08T20:46:38.858Z",
            "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
            "shortName": "GitLab"
          },
          "references": [
            {
              "url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/597887"
            },
            {
              "name": "HackerOne Bug Bounty Report #3682085",
              "tags": [
                "technical-description",
                "exploit",
                "permissions-required"
              ],
              "url": "https://hackerone.com/reports/3682085"
            },
            {
              "url": "https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-2-released/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to versions 18.11.7, 19.0.4, 19.1.2 or above."
            }
          ],
          "title": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) in GitLab"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "assignerShortName": "GitLab",
        "cveId": "CVE-2026-6896",
        "datePublished": "2026-07-08T20:46:38.858Z",
        "dateReserved": "2026-04-23T05:33:12.333Z",
        "dateUpdated": "2026-07-09T14:13:51.367Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-7492 (GCVE-0-2026-7492)

    Vulnerability from cvelistv5 – Published: 2026-07-08 20:46 – Updated: 2026-07-09 14:14
    VLAI
    Title
    Missing Authorization in GitLab
    Summary
    GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.1 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an unauthenticated user to determine the existence of a private project due to improper authorization controls on cross-project reference pages.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    GitLab GitLab Affected: 9.1 , < 18.11.7 (semver)
    Affected: 19.0 , < 19.0.4 (semver)
    Affected: 19.1 , < 19.1.2 (semver)
        cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Thanks [nathanaelhoun](https://hackerone.com/nathanaelhoun) for reporting this vulnerability through our HackerOne bug bounty program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-7492",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T14:14:09.362350Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T14:14:15.159Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "GitLab",
              "repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
              "vendor": "GitLab",
              "versions": [
                {
                  "lessThan": "18.11.7",
                  "status": "affected",
                  "version": "9.1",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.0.4",
                  "status": "affected",
                  "version": "19.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.1.2",
                  "status": "affected",
                  "version": "19.1",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Thanks [nathanaelhoun](https://hackerone.com/nathanaelhoun) for reporting this vulnerability through our HackerOne bug bounty program"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.1 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an unauthenticated user to determine the existence of a private project due to improper authorization controls on cross-project reference pages."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-862",
                  "description": "CWE-862: Missing Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-08T20:46:33.861Z",
            "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
            "shortName": "GitLab"
          },
          "references": [
            {
              "name": "HackerOne Bug Bounty Report #3704739",
              "tags": [
                "technical-description",
                "exploit",
                "permissions-required"
              ],
              "url": "https://hackerone.com/reports/3704739"
            },
            {
              "url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/597947"
            },
            {
              "url": "https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-2-released/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to versions 18.11.7, 19.0.4, 19.1.2 or above."
            }
          ],
          "title": "Missing Authorization in GitLab"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "assignerShortName": "GitLab",
        "cveId": "CVE-2026-7492",
        "datePublished": "2026-07-08T20:46:33.861Z",
        "dateReserved": "2026-04-30T09:04:45.873Z",
        "dateUpdated": "2026-07-09T14:14:15.159Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-8472 (GCVE-0-2026-8472)

    Vulnerability from cvelistv5 – Published: 2026-07-08 20:46 – Updated: 2026-07-09 14:14
    VLAI
    Title
    Missing Authorization in GitLab
    Summary
    GitLab has remediated an issue in GitLab EE affecting all versions from 18.9 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with minimal access permissions to read work item metadata from private projects due to missing authorization checks.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    GitLab GitLab Affected: 18.9 , < 18.11.7 (semver)
    Affected: 19.0 , < 19.0.4 (semver)
    Affected: 19.1 , < 19.1.2 (semver)
        cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Thanks [go7f0](https://hackerone.com/go7f0) for reporting this vulnerability through our HackerOne bug bounty program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-8472",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T14:14:37.744166Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T14:14:43.271Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "GitLab",
              "repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
              "vendor": "GitLab",
              "versions": [
                {
                  "lessThan": "18.11.7",
                  "status": "affected",
                  "version": "18.9",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.0.4",
                  "status": "affected",
                  "version": "19.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.1.2",
                  "status": "affected",
                  "version": "19.1",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Thanks [go7f0](https://hackerone.com/go7f0) for reporting this vulnerability through our HackerOne bug bounty program"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "GitLab has remediated an issue in GitLab EE affecting all versions from 18.9 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with minimal access permissions to read work item metadata from private projects due to missing authorization checks."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-862",
                  "description": "CWE-862: Missing Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-08T20:46:28.855Z",
            "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
            "shortName": "GitLab"
          },
          "references": [
            {
              "url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/599987"
            },
            {
              "name": "HackerOne Bug Bounty Report #3615282",
              "tags": [
                "technical-description",
                "exploit",
                "permissions-required"
              ],
              "url": "https://hackerone.com/reports/3615282"
            },
            {
              "url": "https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-2-released/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to versions 18.11.7, 19.0.4, 19.1.2 or above."
            }
          ],
          "title": "Missing Authorization in GitLab"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "assignerShortName": "GitLab",
        "cveId": "CVE-2026-8472",
        "datePublished": "2026-07-08T20:46:28.855Z",
        "dateReserved": "2026-05-13T13:04:47.771Z",
        "dateUpdated": "2026-07-09T14:14:43.271Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-11827 (GCVE-0-2026-11827)

    Vulnerability from cvelistv5 – Published: 2026-07-08 20:46 – Updated: 2026-07-09 14:15
    VLAI
    Title
    Insufficiently Protected Credentials in GitLab
    Summary
    GitLab has remediated an issue in GitLab EE affecting all versions from 9.5 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with maintainer-role permissions to obtain another user's stored credentials due to improper authorization controls.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-522 - Insufficiently Protected Credentials
    Assigner
    Impacted products
    Vendor Product Version
    GitLab GitLab Affected: 9.5 , < 18.11.7 (semver)
    Affected: 19.0 , < 19.0.4 (semver)
    Affected: 19.1 , < 19.1.2 (semver)
        cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Thanks [rogerace](https://hackerone.com/rogerace) for reporting this vulnerability through our HackerOne bug bounty program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-11827",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T14:14:56.093248Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T14:15:01.193Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "GitLab",
              "repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
              "vendor": "GitLab",
              "versions": [
                {
                  "lessThan": "18.11.7",
                  "status": "affected",
                  "version": "9.5",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.0.4",
                  "status": "affected",
                  "version": "19.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.1.2",
                  "status": "affected",
                  "version": "19.1",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Thanks [rogerace](https://hackerone.com/rogerace) for reporting this vulnerability through our HackerOne bug bounty program"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "GitLab has remediated an issue in GitLab EE affecting all versions from 9.5 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with maintainer-role permissions to obtain another user\u0027s stored credentials due to improper authorization controls."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-522",
                  "description": "CWE-522: Insufficiently Protected Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-08T20:46:23.863Z",
            "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
            "shortName": "GitLab"
          },
          "references": [
            {
              "url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/602478"
            },
            {
              "name": "HackerOne Bug Bounty Report #3720483",
              "tags": [
                "technical-description",
                "exploit",
                "permissions-required"
              ],
              "url": "https://hackerone.com/reports/3720483"
            },
            {
              "url": "https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-2-released/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to versions 18.11.7, 19.0.4, 19.1.2 or above."
            }
          ],
          "title": "Insufficiently Protected Credentials in GitLab"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "assignerShortName": "GitLab",
        "cveId": "CVE-2026-11827",
        "datePublished": "2026-07-08T20:46:23.863Z",
        "dateReserved": "2026-06-09T20:03:57.026Z",
        "dateUpdated": "2026-07-09T14:15:01.193Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-13151 (GCVE-0-2026-13151)

    Vulnerability from cvelistv5 – Published: 2026-07-08 20:46 – Updated: 2026-07-09 14:25
    VLAI
    Title
    Incorrect Authorization in GitLab
    Summary
    GitLab has remediated an issue in GitLab EE affecting all versions from 16.10 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user to modify group-level settings beyond their intended permissions due to improper authorization controls.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-863 - Incorrect Authorization
    Assigner
    Impacted products
    Vendor Product Version
    GitLab GitLab Affected: 16.10 , < 18.11.7 (semver)
    Affected: 19.0 , < 19.0.4 (semver)
    Affected: 19.1 , < 19.1.2 (semver)
        cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    This vulnerability has been discovered internally by GitLab team member zli
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-13151",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T14:25:42.875527Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T14:25:51.832Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "GitLab",
              "repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
              "vendor": "GitLab",
              "versions": [
                {
                  "lessThan": "18.11.7",
                  "status": "affected",
                  "version": "16.10",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.0.4",
                  "status": "affected",
                  "version": "19.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.1.2",
                  "status": "affected",
                  "version": "19.1",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "This vulnerability has been discovered internally by GitLab team member zli"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "GitLab has remediated an issue in GitLab EE affecting all versions from 16.10 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user to modify group-level settings beyond their intended permissions due to improper authorization controls."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 2.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "CWE-863: Incorrect Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-08T20:46:18.853Z",
            "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
            "shortName": "GitLab"
          },
          "references": [
            {
              "url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/598813"
            },
            {
              "url": "https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-2-released/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to versions 18.11.7, 19.0.4, 19.1.2 or above."
            }
          ],
          "title": "Incorrect Authorization in GitLab"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "assignerShortName": "GitLab",
        "cveId": "CVE-2026-13151",
        "datePublished": "2026-07-08T20:46:18.853Z",
        "dateReserved": "2026-06-24T10:43:58.146Z",
        "dateUpdated": "2026-07-09T14:25:51.832Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-13320 (GCVE-0-2026-13320)

    Vulnerability from cvelistv5 – Published: 2026-07-08 20:46 – Updated: 2026-07-09 13:41
    VLAI
    Title
    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
    Summary
    GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.7 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user to execute arbitrary scripts in another user's browser session due to improper sanitization of user-supplied input.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    GitLab GitLab Affected: 15.7 , < 18.11.7 (semver)
    Affected: 19.0 , < 19.0.4 (semver)
    Affected: 19.1 , < 19.1.2 (semver)
        cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Thanks [youzslan](https://hackerone.com/youzslan) and [a_m_a_m](https://hackerone.com/a_m_a_m) for reporting this vulnerability through our HackerOne bug bounty program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-13320",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T13:41:38.644164Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T13:41:48.373Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "GitLab",
              "repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
              "vendor": "GitLab",
              "versions": [
                {
                  "lessThan": "18.11.7",
                  "status": "affected",
                  "version": "15.7",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.0.4",
                  "status": "affected",
                  "version": "19.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.1.2",
                  "status": "affected",
                  "version": "19.1",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Thanks [youzslan](https://hackerone.com/youzslan) and [a_m_a_m](https://hackerone.com/a_m_a_m) for reporting this vulnerability through our HackerOne bug bounty program"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.7 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user to execute arbitrary scripts in another user\u0027s browser session due to improper sanitization of user-supplied input."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-08T20:46:13.854Z",
            "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
            "shortName": "GitLab"
          },
          "references": [
            {
              "url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/604063"
            },
            {
              "name": "HackerOne Bug Bounty Report #3816917",
              "tags": [
                "technical-description",
                "exploit",
                "permissions-required"
              ],
              "url": "https://hackerone.com/reports/3816917"
            },
            {
              "url": "https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-2-released/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to versions 18.11.7, 19.0.4, 19.1.2 or above."
            }
          ],
          "title": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) in GitLab"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "assignerShortName": "GitLab",
        "cveId": "CVE-2026-13320",
        "datePublished": "2026-07-08T20:46:13.854Z",
        "dateReserved": "2026-06-25T08:13:57.255Z",
        "dateUpdated": "2026-07-09T13:41:48.373Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-10086 (GCVE-0-2026-10086)

    Vulnerability from cvelistv5 – Published: 2026-06-25 05:03 – Updated: 2026-06-26 03:55
    VLAI
    Title
    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
    Summary
    GitLab has remediated an issue in GitLab EE affecting all versions from 16.4 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with developer-role permissions to execute arbitrary client-side code in the context of another user's session, due to improper sanitization of user-supplied input.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    GitLab GitLab Affected: 16.4 , < 18.11.6 (semver)
    Affected: 19.0 , < 19.0.3 (semver)
    Affected: 19.1 , < 19.1.1 (semver)
        cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Thanks [yvvdwf](https://hackerone.com/yvvdwf) for reporting this vulnerability through our HackerOne bug bounty program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-10086",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-25T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-26T03:55:20.860Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "GitLab",
              "repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
              "vendor": "GitLab",
              "versions": [
                {
                  "lessThan": "18.11.6",
                  "status": "affected",
                  "version": "16.4",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.0.3",
                  "status": "affected",
                  "version": "19.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.1.1",
                  "status": "affected",
                  "version": "19.1",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Thanks [yvvdwf](https://hackerone.com/yvvdwf) for reporting this vulnerability through our HackerOne bug bounty program"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "GitLab has remediated an issue in GitLab EE affecting all versions from 16.4 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with developer-role permissions to execute arbitrary client-side code in the context of another user\u0027s session, due to improper sanitization of user-supplied input."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-25T05:03:58.451Z",
            "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
            "shortName": "GitLab"
          },
          "references": [
            {
              "url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/601634"
            },
            {
              "name": "HackerOne Bug Bounty Report #3734800",
              "tags": [
                "technical-description",
                "exploit",
                "permissions-required"
              ],
              "url": "https://hackerone.com/reports/3734800"
            },
            {
              "url": "https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-1-released/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to versions 18.11.6, 19.0.3, 19.1.1 or above."
            }
          ],
          "title": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) in GitLab"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "assignerShortName": "GitLab",
        "cveId": "CVE-2026-10086",
        "datePublished": "2026-06-25T05:03:58.451Z",
        "dateReserved": "2026-05-29T12:04:39.988Z",
        "dateUpdated": "2026-06-26T03:55:20.860Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0934 (GCVE-0-2026-0934)

    Vulnerability from cvelistv5 – Published: 2026-06-25 04:35 – Updated: 2026-06-25 12:50
    VLAI
    Title
    Incorrect Authorization in GitLab
    Summary
    GitLab has remediated an issue in GitLab EE affecting all versions from 17.9 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with custom role permissions to view, create, or delete protected environment configurations despite CI/CD visibility being disabled for the project.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-863 - Incorrect Authorization
    Assigner
    Impacted products
    Vendor Product Version
    GitLab GitLab Affected: 17.9 , < 18.11.6 (semver)
    Affected: 19.0 , < 19.0.3 (semver)
    Affected: 19.1 , < 19.1.1 (semver)
        cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Thanks [vulnable](https://hackerone.com/vulnable) for reporting this vulnerability through our HackerOne bug bounty program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0934",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-25T12:50:11.428883Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-25T12:50:22.510Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "GitLab",
              "repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
              "vendor": "GitLab",
              "versions": [
                {
                  "lessThan": "18.11.6",
                  "status": "affected",
                  "version": "17.9",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.0.3",
                  "status": "affected",
                  "version": "19.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.1.1",
                  "status": "affected",
                  "version": "19.1",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Thanks [vulnable](https://hackerone.com/vulnable) for reporting this vulnerability through our HackerOne bug bounty program"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "GitLab has remediated an issue in GitLab EE affecting all versions from 17.9 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with custom role permissions to view, create, or delete protected environment configurations despite CI/CD visibility being disabled for the project."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.8,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "CWE-863: Incorrect Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-25T04:35:54.038Z",
            "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
            "shortName": "GitLab"
          },
          "references": [
            {
              "name": "HackerOne Bug Bounty Report #3508760",
              "tags": [
                "technical-description",
                "exploit",
                "permissions-required"
              ],
              "url": "https://hackerone.com/reports/3508760"
            },
            {
              "url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/585961"
            },
            {
              "url": "https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-1-released/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to versions 18.11.6, 19.0.3, 19.1.1 or above."
            }
          ],
          "title": "Incorrect Authorization in GitLab"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "assignerShortName": "GitLab",
        "cveId": "CVE-2026-0934",
        "datePublished": "2026-06-25T04:35:54.038Z",
        "dateReserved": "2026-01-14T08:33:35.395Z",
        "dateUpdated": "2026-06-25T12:50:22.510Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-1606 (GCVE-0-2026-1606)

    Vulnerability from cvelistv5 – Published: 2026-06-25 04:34 – Updated: 2026-06-25 12:55
    VLAI
    Title
    Improper Control of Generation of Code ('Code Injection') in GitLab
    Summary
    GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.8 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user to conceal content within a Snippet due to improper input validation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    Impacted products
    Vendor Product Version
    GitLab GitLab Affected: 14.8 , < 18.11.6 (semver)
    Affected: 19.0 , < 19.0.3 (semver)
    Affected: 19.1 , < 19.1.1 (semver)
        cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Thanks [st4nly0n](https://hackerone.com/st4nly0n) for reporting this vulnerability through our HackerOne bug bounty program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-1606",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-25T12:51:03.290608Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-25T12:55:06.795Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "GitLab",
              "repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
              "vendor": "GitLab",
              "versions": [
                {
                  "lessThan": "18.11.6",
                  "status": "affected",
                  "version": "14.8",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.0.3",
                  "status": "affected",
                  "version": "19.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.1.1",
                  "status": "affected",
                  "version": "19.1",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Thanks [st4nly0n](https://hackerone.com/st4nly0n) for reporting this vulnerability through our HackerOne bug bounty program"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.8 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user to conceal content within a Snippet due to improper input validation."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-25T04:34:59.038Z",
            "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
            "shortName": "GitLab"
          },
          "references": [
            {
              "name": "HackerOne Bug Bounty Report #3527473",
              "tags": [
                "technical-description",
                "exploit",
                "permissions-required"
              ],
              "url": "https://hackerone.com/reports/3527473"
            },
            {
              "url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/588128"
            },
            {
              "url": "https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-1-released/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to versions 18.11.6, 19.0.3, 19.1.1 or above."
            }
          ],
          "title": "Improper Control of Generation of Code (\u0027Code Injection\u0027) in GitLab"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "assignerShortName": "GitLab",
        "cveId": "CVE-2026-1606",
        "datePublished": "2026-06-25T04:34:59.038Z",
        "dateReserved": "2026-01-29T11:33:26.506Z",
        "dateUpdated": "2026-06-25T12:55:06.795Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-2238 (GCVE-0-2026-2238)

    Vulnerability from cvelistv5 – Published: 2026-06-25 04:34 – Updated: 2026-06-25 12:56
    VLAI
    Title
    Missing Authorization in GitLab
    Summary
    GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.5 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an unauthenticated user to view confidential issue references on public projects due to improper authorization checks.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    GitLab GitLab Affected: 17.5 , < 18.11.6 (semver)
    Affected: 19.0 , < 19.0.3 (semver)
    Affected: 19.1 , < 19.1.1 (semver)
        cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Thanks [modhanami](https://hackerone.com/modhanami) for reporting this vulnerability through our HackerOne bug bounty program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-2238",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-25T12:55:19.991027Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-25T12:56:58.304Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "GitLab",
              "repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
              "vendor": "GitLab",
              "versions": [
                {
                  "lessThan": "18.11.6",
                  "status": "affected",
                  "version": "17.5",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.0.3",
                  "status": "affected",
                  "version": "19.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.1.1",
                  "status": "affected",
                  "version": "19.1",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Thanks [modhanami](https://hackerone.com/modhanami) for reporting this vulnerability through our HackerOne bug bounty program"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.5 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an unauthenticated user to view confidential issue references on public projects due to improper authorization checks."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-862",
                  "description": "CWE-862: Missing Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-25T04:34:54.041Z",
            "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
            "shortName": "GitLab"
          },
          "references": [
            {
              "name": "HackerOne Bug Bounty Report #3543011",
              "tags": [
                "technical-description",
                "exploit",
                "permissions-required"
              ],
              "url": "https://hackerone.com/reports/3543011"
            },
            {
              "url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/589186"
            },
            {
              "url": "https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-1-released/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to versions 18.11.6, 19.0.3, 19.1.1 or above."
            }
          ],
          "title": "Missing Authorization in GitLab"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "assignerShortName": "GitLab",
        "cveId": "CVE-2026-2238",
        "datePublished": "2026-06-25T04:34:54.041Z",
        "dateReserved": "2026-02-09T06:33:06.781Z",
        "dateUpdated": "2026-06-25T12:56:58.304Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-3176 (GCVE-0-2026-3176)

    Vulnerability from cvelistv5 – Published: 2026-06-25 04:34 – Updated: 2026-06-25 12:58
    VLAI
    Title
    Missing Authorization in GitLab
    Summary
    GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with limited permissions to access project information due to insufficient authorization checks.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    GitLab GitLab Affected: 18.6 , < 18.11.6 (semver)
    Affected: 19.0 , < 19.0.3 (semver)
    Affected: 19.1 , < 19.1.1 (semver)
        cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Thanks [modestia](https://hackerone.com/modestia) for reporting this vulnerability through our HackerOne bug bounty program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3176",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-25T12:58:32.824711Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-25T12:58:45.561Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "GitLab",
              "repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
              "vendor": "GitLab",
              "versions": [
                {
                  "lessThan": "18.11.6",
                  "status": "affected",
                  "version": "18.6",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.0.3",
                  "status": "affected",
                  "version": "19.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.1.1",
                  "status": "affected",
                  "version": "19.1",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Thanks [modestia](https://hackerone.com/modestia) for reporting this vulnerability through our HackerOne bug bounty program"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with limited permissions to access project information due to insufficient authorization checks."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.1,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-862",
                  "description": "CWE-862: Missing Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-25T04:34:39.038Z",
            "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
            "shortName": "GitLab"
          },
          "references": [
            {
              "name": "HackerOne Bug Bounty Report #3568164",
              "tags": [
                "technical-description",
                "exploit",
                "permissions-required"
              ],
              "url": "https://hackerone.com/reports/3568164"
            },
            {
              "url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/591373"
            },
            {
              "url": "https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-1-released/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to versions 18.11.6, 19.0.3, 19.1.1 or above."
            }
          ],
          "title": "Missing Authorization in GitLab"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "assignerShortName": "GitLab",
        "cveId": "CVE-2026-3176",
        "datePublished": "2026-06-25T04:34:39.038Z",
        "dateReserved": "2026-02-25T00:06:35.219Z",
        "dateUpdated": "2026-06-25T12:58:45.561Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5309 (GCVE-0-2026-5309)

    Vulnerability from cvelistv5 – Published: 2026-06-25 04:34 – Updated: 2026-06-25 13:02
    VLAI
    Title
    Authorization Bypass Through User-Controlled Key in GitLab
    Summary
    GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user to read or modify another group's virtual registry cleanup policy settings without authorization.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-639 - Authorization Bypass Through User-Controlled Key
    Assigner
    Impacted products
    Vendor Product Version
    GitLab GitLab Affected: 18.6 , < 18.11.6 (semver)
    Affected: 19.0 , < 19.0.3 (semver)
    Affected: 19.1 , < 19.1.1 (semver)
        cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Thanks [go7f0](https://hackerone.com/go7f0) for reporting this vulnerability through our HackerOne bug bounty program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5309",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-25T13:01:32.835888Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-25T13:02:04.632Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "GitLab",
              "repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
              "vendor": "GitLab",
              "versions": [
                {
                  "lessThan": "18.11.6",
                  "status": "affected",
                  "version": "18.6",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.0.3",
                  "status": "affected",
                  "version": "19.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.1.1",
                  "status": "affected",
                  "version": "19.1",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Thanks [go7f0](https://hackerone.com/go7f0) for reporting this vulnerability through our HackerOne bug bounty program"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user to read or modify another group\u0027s virtual registry cleanup policy settings without authorization."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-639",
                  "description": "CWE-639: Authorization Bypass Through User-Controlled Key",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-25T04:34:29.038Z",
            "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
            "shortName": "GitLab"
          },
          "references": [
            {
              "url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/595468"
            },
            {
              "name": "HackerOne Bug Bounty Report #3628793",
              "tags": [
                "technical-description",
                "exploit",
                "permissions-required"
              ],
              "url": "https://hackerone.com/reports/3628793"
            },
            {
              "url": "https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-1-released/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to versions 18.11.6, 19.0.3, 19.1.1 or above."
            }
          ],
          "title": "Authorization Bypass Through User-Controlled Key in GitLab"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "assignerShortName": "GitLab",
        "cveId": "CVE-2026-5309",
        "datePublished": "2026-06-25T04:34:29.038Z",
        "dateReserved": "2026-04-01T11:33:45.470Z",
        "dateUpdated": "2026-06-25T13:02:04.632Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5796 (GCVE-0-2026-5796)

    Vulnerability from cvelistv5 – Published: 2026-06-25 04:34 – Updated: 2026-06-25 13:03
    VLAI
    Title
    Incorrect Authorization in GitLab
    Summary
    GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.6 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with Reporter-level group permissions to view package metadata from projects with the Package Registry disabled due to incorrect authorization checks in the group packages feature.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-863 - Incorrect Authorization
    Assigner
    Impacted products
    Vendor Product Version
    GitLab GitLab Affected: 13.6 , < 18.11.6 (semver)
    Affected: 19.0 , < 19.0.3 (semver)
    Affected: 19.1 , < 19.1.1 (semver)
        cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Thanks [harshinsecurity](https://hackerone.com/harshinsecurity) for reporting this vulnerability through our HackerOne bug bounty program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5796",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-25T13:02:59.427397Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-25T13:03:08.906Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "GitLab",
              "repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
              "vendor": "GitLab",
              "versions": [
                {
                  "lessThan": "18.11.6",
                  "status": "affected",
                  "version": "13.6",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.0.3",
                  "status": "affected",
                  "version": "19.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.1.1",
                  "status": "affected",
                  "version": "19.1",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Thanks [harshinsecurity](https://hackerone.com/harshinsecurity) for reporting this vulnerability through our HackerOne bug bounty program"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.6 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with Reporter-level group permissions to view package metadata from projects with the Package Registry disabled due to incorrect authorization checks in the group packages feature."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "CWE-863: Incorrect Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-25T04:34:24.040Z",
            "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
            "shortName": "GitLab"
          },
          "references": [
            {
              "url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/596035"
            },
            {
              "name": "HackerOne Bug Bounty Report #3646902",
              "tags": [
                "technical-description",
                "exploit",
                "permissions-required"
              ],
              "url": "https://hackerone.com/reports/3646902"
            },
            {
              "url": "https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-1-released/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to versions 18.11.6, 19.0.3, 19.1.1 or above."
            }
          ],
          "title": "Incorrect Authorization in GitLab"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "assignerShortName": "GitLab",
        "cveId": "CVE-2026-5796",
        "datePublished": "2026-06-25T04:34:24.040Z",
        "dateReserved": "2026-04-08T13:34:11.540Z",
        "dateUpdated": "2026-06-25T13:03:08.906Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5952 (GCVE-0-2026-5952)

    Vulnerability from cvelistv5 – Published: 2026-06-25 04:34 – Updated: 2026-06-25 13:07
    VLAI
    Title
    Incorrect Authorization in GitLab
    Summary
    GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.11 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with developer-role permissions to bypass package protection rules and overwrite protected Maven package metadata due to incorrect authorization checks.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-863 - Incorrect Authorization
    Assigner
    Impacted products
    Vendor Product Version
    GitLab GitLab Affected: 17.11 , < 18.11.6 (semver)
    Affected: 19.0 , < 19.0.3 (semver)
    Affected: 19.1 , < 19.1.1 (semver)
        cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Thanks [pkkr](https://hackerone.com/pkkr) for reporting this vulnerability through our HackerOne bug bounty program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5952",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-25T13:06:34.162967Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-25T13:07:25.242Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "GitLab",
              "repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
              "vendor": "GitLab",
              "versions": [
                {
                  "lessThan": "18.11.6",
                  "status": "affected",
                  "version": "17.11",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.0.3",
                  "status": "affected",
                  "version": "19.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.1.1",
                  "status": "affected",
                  "version": "19.1",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Thanks [pkkr](https://hackerone.com/pkkr) for reporting this vulnerability through our HackerOne bug bounty program"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.11 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with developer-role permissions to bypass package protection rules and overwrite protected Maven package metadata due to incorrect authorization checks."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "CWE-863: Incorrect Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-25T04:34:14.043Z",
            "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
            "shortName": "GitLab"
          },
          "references": [
            {
              "url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/596134"
            },
            {
              "name": "HackerOne Bug Bounty Report #3632428",
              "tags": [
                "technical-description",
                "exploit",
                "permissions-required"
              ],
              "url": "https://hackerone.com/reports/3632428"
            },
            {
              "url": "https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-1-released/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to versions 18.11.6, 19.0.3, 19.1.1 or above."
            }
          ],
          "title": "Incorrect Authorization in GitLab"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "assignerShortName": "GitLab",
        "cveId": "CVE-2026-5952",
        "datePublished": "2026-06-25T04:34:14.043Z",
        "dateReserved": "2026-04-09T07:04:17.666Z",
        "dateUpdated": "2026-06-25T13:07:25.242Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-8330 (GCVE-0-2026-8330)

    Vulnerability from cvelistv5 – Published: 2026-06-25 04:34 – Updated: 2026-06-25 13:09
    VLAI
    Title
    Insertion of Sensitive Information into Log File in GitLab
    Summary
    GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.3 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed sensitive information to be written to application logs due to insufficient filtering in a CI/CD API endpoint.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-532 - Insertion of Sensitive Information into Log File
    Assigner
    Impacted products
    Vendor Product Version
    GitLab GitLab Affected: 9.3 , < 18.11.6 (semver)
    Affected: 19.0 , < 19.0.3 (semver)
    Affected: 19.1 , < 19.1.1 (semver)
        cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    This vulnerability has been discovered internally by GitLab team member Joel Clarke
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-8330",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-25T13:09:13.818558Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-25T13:09:32.205Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "GitLab",
              "repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
              "vendor": "GitLab",
              "versions": [
                {
                  "lessThan": "18.11.6",
                  "status": "affected",
                  "version": "9.3",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.0.3",
                  "status": "affected",
                  "version": "19.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.1.1",
                  "status": "affected",
                  "version": "19.1",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "This vulnerability has been discovered internally by GitLab team member Joel Clarke"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.3 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed sensitive information to be written to application logs due to insufficient filtering in a CI/CD API endpoint."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 4.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-532",
                  "description": "CWE-532: Insertion of Sensitive Information into Log File",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-25T04:34:04.042Z",
            "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
            "shortName": "GitLab"
          },
          "references": [
            {
              "url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/599621"
            },
            {
              "url": "https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-1-released/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to versions 18.11.6, 19.0.3, 19.1.1 or above."
            }
          ],
          "title": "Insertion of Sensitive Information into Log File in GitLab"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "assignerShortName": "GitLab",
        "cveId": "CVE-2026-8330",
        "datePublished": "2026-06-25T04:34:04.042Z",
        "dateReserved": "2026-05-11T15:06:21.504Z",
        "dateUpdated": "2026-06-25T13:09:32.205Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-10712 (GCVE-0-2026-10712)

    Vulnerability from cvelistv5 – Published: 2026-06-25 04:33 – Updated: 2026-06-26 03:55
    VLAI
    Title
    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
    Summary
    GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.10 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an unauthenticated user to execute arbitrary JavaScript in a user's browser session due to improper path validation under certain conditions.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    GitLab GitLab Affected: 18.10 , < 18.11.6 (semver)
    Affected: 19.0 , < 19.0.3 (semver)
    Affected: 19.1 , < 19.1.1 (semver)
        cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Thanks [joaxcar](https://hackerone.com/joaxcar) for reporting this vulnerability through our HackerOne bug bounty program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-10712",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-25T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-26T03:55:21.959Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "GitLab",
              "repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
              "vendor": "GitLab",
              "versions": [
                {
                  "lessThan": "18.11.6",
                  "status": "affected",
                  "version": "18.10",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.0.3",
                  "status": "affected",
                  "version": "19.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "19.1.1",
                  "status": "affected",
                  "version": "19.1",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Thanks [joaxcar](https://hackerone.com/joaxcar) for reporting this vulnerability through our HackerOne bug bounty program"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.10 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an unauthenticated user to execute arbitrary JavaScript in a user\u0027s browser session due to improper path validation under certain conditions."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-25T04:33:54.043Z",
            "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
            "shortName": "GitLab"
          },
          "references": [
            {
              "url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/601857"
            },
            {
              "name": "HackerOne Bug Bounty Report #3688717",
              "tags": [
                "technical-description",
                "exploit",
                "permissions-required"
              ],
              "url": "https://hackerone.com/reports/3688717"
            },
            {
              "url": "https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-1-released/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to versions 18.11.6, 19.0.3, 19.1.1 or above."
            }
          ],
          "title": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) in GitLab"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "assignerShortName": "GitLab",
        "cveId": "CVE-2026-10712",
        "datePublished": "2026-06-25T04:33:54.043Z",
        "dateReserved": "2026-06-02T19:03:41.470Z",
        "dateUpdated": "2026-06-26T03:55:21.959Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }