{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2026-3988/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["medium"],"_cs_tags":["denial-of-service","graphql","gitlab","cve-2026-3988"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eCVE-2026-3988 is a denial-of-service (DoS) vulnerability affecting GitLab CE/EE. The vulnerability resides in the processing of GraphQL requests and stems from improper input validation. An unauthenticated attacker can exploit this flaw by sending specially crafted GraphQL requests, causing the GitLab instance to become unresponsive, effectively denying service to legitimate users. The affected versions include all versions from 18.5 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1…\u003c/p\u003e\n","date_modified":"2026-03-26T12:00:00Z","date_published":"2026-03-26T12:00:00Z","id":"/briefs/2026-03-gitlab-graphql-dos/","summary":"CVE-2026-3988 is a denial of service vulnerability in GitLab CE/EE allowing unauthenticated users to crash instances by sending malformed GraphQL requests, affecting versions 18.5 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1.","title":"GitLab GraphQL Denial of Service Vulnerability (CVE-2026-3988)","url":"https://feed.craftedsignal.io/briefs/2026-03-gitlab-graphql-dos/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2026-3988","version":"https://jsonfeed.org/version/1.1"}