Search CVE reports


Toggle filters

1 – 10 of 1619 results


CVE-2026-8472

Medium priority

Not in release

GitLab has remediated an issue in GitLab EE affecting all versions from 18.9 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with minimal access...

1 affected package

gitlab

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab Not in release Not in release Not in release
Show less packages

CVE-2026-7492

Medium priority

Not in release

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.1 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an unauthenticated user to determine the...

1 affected package

gitlab

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab Not in release Not in release Not in release
Show less packages

CVE-2026-6896

Medium priority

Not in release

GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with developer-role...

1 affected package

gitlab

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab Not in release Not in release Not in release
Show less packages

CVE-2026-6352

Medium priority

Not in release

GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with auditor-level...

1 affected package

gitlab

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab Not in release Not in release Not in release
Show less packages

CVE-2026-13320

Medium priority

Not in release

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.7 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user to execute arbitrary...

1 affected package

gitlab

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab Not in release Not in release Not in release
Show less packages

CVE-2026-13151

Medium priority

Not in release

GitLab has remediated an issue in GitLab EE affecting all versions from 16.10 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user to modify group-level...

1 affected package

gitlab

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab Not in release Not in release Not in release
Show less packages

CVE-2026-11827

Medium priority

Not in release

GitLab has remediated an issue in GitLab EE affecting all versions from 9.5 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with maintainer-role...

1 affected package

gitlab

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab Not in release Not in release Not in release
Show less packages

CVE-2025-12506

Medium priority

Not in release

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.5 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user to create...

1 affected package

gitlab

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab Not in release Not in release Not in release
Show less packages

CVE-2026-58212

Medium priority
Ignored

Rejected reason: Further research determined the issue is not a vulnerability based on CNA Rule 4.1.12 The act of updating Product dependencies MUST NOT be determined to be a Vulnerability, regardless of whether the dependencies...

2 affected packages

golang-github-nats-io-nkeys, nats-server

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
golang-github-nats-io-nkeys Not affected Not affected Not affected Not affected
nats-server Not affected Not affected Not in release
Show less packages

CVE-2026-53624

Medium priority

Not in release

Fiber is an Express inspired web framework written in Go. Prior to 3.4.0, the helmet middleware in middleware/helmet/helmet.go never sets the Strict-Transport-Security response header even when HSTSMaxAge is configured because it...

2 affected packages

golang-github-gofiber-fiber, golang-github-gofiber-fiber-v2

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
golang-github-gofiber-fiber Not in release Not in release Not in release
golang-github-gofiber-fiber-v2 Not in release Not in release Not in release
Show less packages