GitLab GraphQL Denial of Service Vulnerability (CVE-2026-3988)
CVE-2026-3988 is a denial of service vulnerability in GitLab CE/EE allowing unauthenticated users to crash instances by sending malformed GraphQL requests, affecting versions 18.5 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1.
CVE-2026-3988 is a denial-of-service (DoS) vulnerability affecting GitLab CE/EE. The vulnerability resides in the processing of GraphQL requests and stems from improper input validation. An unauthenticated attacker can exploit this flaw by sending specially crafted GraphQL requests, causing the GitLab instance to become unresponsive, effectively denying service to legitimate users. The affected versions include all versions from 18.5 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1…
Detection coverage (2)
Detect Suspicious GraphQL Requests
Severity: medium. Detects potentially malicious GraphQL requests based on request size and complexity.
Detect High Volume GraphQL Requests from Single IP
Severity: high. Detects a high volume of GraphQL requests originating from a single IP address, indicating a potential DoS attempt.
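The high-volume rule described above, sketched as an added example (not one of the platform's rules): a sliding-window count of GraphQL requests per client IP over nginx combined-format access log lines. The log lines are constructed, and the 10-second window, the threshold of 5 and all function names are assumptions to tune against the instance's normal traffic; `/api/graphql` is GitLab's GraphQL endpoint.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed thresholds (not from the page); baseline them on real traffic.
WINDOW = timedelta(seconds=10)
MAX_REQUESTS = 5

# nginx "combined" format: ip - user [time] "METHOD path proto" status ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

def is_graphql(path):
    """True for GitLab's GraphQL endpoint, ignoring query string and trailing slash."""
    return path.split("?", 1)[0].rstrip("/") == "/api/graphql"

def detect_graphql_bursts(lines, window=WINDOW, max_requests=MAX_REQUESTS):
    """Return {ip: peak_count} for IPs with more than max_requests GraphQL
    hits inside any window. Assumes lines are in time order, as in a log file."""
    recent = defaultdict(deque)   # ip -> timestamps still inside the window
    flagged = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m or not is_graphql(m["path"]):
            continue              # unparsable line or not a GraphQL request
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        q = recent[m["ip"]]
        q.append(ts)
        while ts - q[0] > window: # drop hits that fell out of the window
            q.popleft()
        if len(q) > max_requests:
            flagged[m["ip"]] = max(flagged.get(m["ip"], 0), len(q))
    return flagged

def sample_log():
    """Constructed log lines: one bursty client, one normal GraphQL client,
    and unrelated traffic that must not be counted."""
    fmt = '{ip} - - [12/Mar/2026:10:00:{s:02d} +0000] "{m} {p} HTTP/1.1" 200 512 "-" "-"'
    lines = [fmt.format(ip="203.0.113.7", s=s, m="POST", p="/api/graphql") for s in range(8)]
    lines += [fmt.format(ip="198.51.100.20", s=s, m="POST", p="/api/graphql") for s in (10, 30, 50)]
    lines += [fmt.format(ip="192.0.2.44", s=s, m="GET", p="/users/sign_in") for s in range(51, 59)]
    return lines

if __name__ == "__main__":
    for ip, peak in detect_graphql_bursts(sample_log()).items():
        print(f"ALERT {ip}: {peak} GraphQL requests within {WINDOW.seconds}s")
```

Behind a load balancer or reverse proxy, the first log field may be the proxy's address; key on the forwarded client address instead if the log format records it.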