Threat Feed

Tag: Gitlab

7 briefs
medium advisory

Multiple Vulnerabilities in GitLab Lead to DoS and Security Policy Bypass

Multiple vulnerabilities in GitLab CE/EE allow attackers to cause remote denial of service and bypass security policies in versions before 18.10.7, 18.11.x before 18.11.4, and 19.x before 19.0.1; these vulnerabilities are tracked as CVE-2026-1402, CVE-2026-2601, CVE-2026-2710, CVE-2026-4868, CVE-2026-5296, CVE-2026-6713, and CVE-2026-8716.

GitLab Community Edition gitlab vulnerability denial-of-service security-bypass CVE-2026-1402 CVE-2026-2601 CVE-2026-2710 CVE-2026-4868
critical advisory

Multiple Vulnerabilities in GitLab CE/EE Allow for Arbitrary Code Execution, Data Confidentiality Compromise, and SSRF

Multiple vulnerabilities in GitLab Community Edition (CE) and Enterprise Edition (EE) can allow an attacker to perform arbitrary code execution, compromise data confidentiality, perform server-side request forgery (SSRF), and other security breaches.

GitLab Community Edition gitlab vulnerability rce ssrf xss csrf
high advisory

GitLab Jira Connect Authentication Bypass Vulnerability (CVE-2026-2370)

GitLab CE/EE versions 14.3 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 are vulnerable to improper authorization checks in Jira Connect installations, allowing an authenticated user with minimal workspace permissions to obtain installation credentials and impersonate the GitLab application.

gitlab jira authentication authorization cve-2026-2370
medium advisory

GitLab Improper HTML Sanitization Vulnerability (CVE-2026-2995)

CVE-2026-2995 is a vulnerability in GitLab EE versions 15.4 to 18.10.1 where an authenticated user can add email addresses to other user accounts due to improper HTML sanitization, potentially leading to account takeover or information disclosure.

gitlab html-injection cve-2026-2995
medium advisory

GitLab GraphQL Denial of Service Vulnerability (CVE-2026-3988)

CVE-2026-3988 is a denial of service vulnerability in GitLab CE/EE allowing unauthenticated users to crash instances by sending malformed GraphQL requests, affecting versions 18.5 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1.

denial-of-service graphql gitlab cve-2026-3988
high advisory

GitLab GraphQL CSRF Vulnerability (CVE-2026-3857)

CVE-2026-3857 describes a vulnerability in GitLab CE/EE versions 17.10 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1, where an unauthenticated user can execute arbitrary GraphQL mutations on behalf of authenticated users due to insufficient CSRF protection, potentially leading to data modification or privilege escalation.

gitlab csrf cve-2026-3857 graphql
high advisory

GitLab MCP Server Unauthenticated Access via SSE Transport

The @yoda.digital/gitlab-mcp-server's SSE transport lacks authentication and uses wildcard CORS, enabling unauthenticated attackers to execute arbitrary GitLab API calls using the operator's GitLab PAT, including destructive operations.

@yoda.digital/gitlab-mcp-server gitlab auth-bypass sse cors vulnerability