Description
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.9.1 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to access confidential issue content in public projects without proper authorization due to improper authorization checks.
Published: 2026-05-14
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

GitLab vulnerable to an authentication bypass that allows an authenticated user to read confidential issue content in public projects without proper authorization. The flaw originates from improper authorization checks and is classified as CWE-288. Attackers can exfiltrate sensitive information by exploiting this bypass, compromising confidentiality of issue data.

Affected Systems

The affected product is GitLab Community and Enterprise Editions. Versions from 18.9.1 through 18.9.6, 18.10.0 through 18.10.5, and 18.11.0 through 18.11.2 are impacted. All lower versions of these releases are vulnerable.

Risk and Exploitability

The CVSS score of 6.5 indicates a medium severity with potential for data exposure. EPSS information is unavailable and the vulnerability is not listed in the CISA KEV catalog. The likely attack vector requires the attacker to have valid credentials; the attacker can then use an alternate path or channel to access issue content that should be restricted. No requirement for remote network access beyond user authentication is specified in the description.

Generated by OpenCVE AI on May 14, 2026 at 07:51 UTC.

Remediation

Vendor Solution

Upgrade to versions 18.9.7, 18.10.6, 18.11.3 or above.

OpenCVE Recommended Actions

  • Upgrade GitLab to 18.9.7, 18.10.6, 18.11.3, or a later release that contains the fix
  • Restrict public visibility of projects that contain confidential issues until the patch is applied
  • Review and adjust confidential issue settings to ensure only authorized users can access them

Generated by OpenCVE AI on May 14, 2026 at 07:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 15 May 2026 20:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*

Thu, 14 May 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 14 May 2026 06:00:00 +0000

Type Values Removed Values Added
Description GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.9.1 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to access confidential issue content in public projects without proper authorization due to improper authorization checks.
Title Authentication Bypass Using an Alternate Path or Channel in GitLab
First Time appeared Gitlab
Gitlab gitlab
Weaknesses CWE-288
CPEs cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
Vendors & Products Gitlab
Gitlab gitlab
References
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'}

Subscriptions

Gitlab Gitlab
cve-icon MITRE

Status: PUBLISHED

Assigner: GitLab

Published:

Updated: 2026-05-14T13:23:21.379Z

Reserved: 2026-03-20T16:34:15.301Z

Link: CVE-2026-4524

cve-icon Vulnrichment

Updated: 2026-05-14T13:23:17.656Z

cve-icon NVD

Status : Analyzed

Published: 2026-05-14T06:16:23.677

Modified: 2026-05-15T19:57:01.030

Link: CVE-2026-4524

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-14T08:00:11Z

Weaknesses