Description
GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user to read or modify another group's virtual registry cleanup policy settings without authorization.
Published: 2026-06-25
Score: 5.4 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

GitLab EE contains an authorization flaw that lets an authenticated user read or modify another group's virtual registry cleanup policy settings. It is classified as CWE-639 (Authorization Bypass Through User-Controlled Key): a request identifies the policy, or the group that owns it, by a key the caller supplies, and the application acts on that key without verifying that the caller is authorized for the group it belongs to. The CVSS 3.1 score is 5.4 (Medium), with low confidentiality and integrity impact and no availability impact; the exposure is confined to configuration data rather than system compromise.

Affected Systems

The flaw affects GitLab Enterprise Edition 18.6 through 18.11.5, 19.0 through 19.0.2, and 19.1.0. Versions 18.11.6, 19.0.3 and 19.1.1 contain the fix. Any environment running an affected version should be considered vulnerable.

Risk and Exploitability

The vulnerability is exploitable by any user holding valid credentials for the instance (CVSS PR:L): exploitation takes place entirely through ordinary GitLab requests over the network and needs no elevated role, user interaction, or code execution. Consistent with the CWE-639 classification, the attack path is an authenticated user submitting an identifier for a cleanup policy, or for the group that owns it, that they are not authorized for, and the application honoring the request. No EPSS score is available and the issue is not listed in CISA KEV, so widespread exploitation appears unlikely for now, but the impact on policy integrity warrants precautionary action.
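The pattern that the CWE-639 classification describes, as an added example that is not GitLab's code (this page does not show GitLab's actual handler for virtual registry cleanup policies). It uses a hypothetical in-memory model of groups and per-group cleanup policies: the vulnerable handler authorizes the caller against the group named in the request but then loads the policy by a second, unscoped key, while the fixed handler resolves the policy through the already-authorized group. All type names, method names and fixture data are constructed for the example.

```ruby
require 'set'

Group         = Struct.new(:id, :path, :maintainer_ids)
CleanupPolicy = Struct.new(:id, :group_id, :keep_n, :older_than_days)

class NotFound  < StandardError; end
class Forbidden < StandardError; end

# Constructed fixture (not real GitLab data): user 7 maintains group 1 only;
# group 2 belongs to someone else, and each group owns one cleanup policy.
def fresh_store
  {
    groups: {
      1 => Group.new(1, 'acme',   Set[7]),
      2 => Group.new(2, 'victim', Set[9]),
    },
    policies: {
      11 => CleanupPolicy.new(11, 1, 10, 30),
      22 => CleanupPolicy.new(22, 2,  5, 90),
    },
  }
end

def authorize_maintainer!(user_id, group)
  return if group.maintainer_ids.include?(user_id)
  raise Forbidden, "user #{user_id} cannot manage group #{group.path}"
end

# Vulnerable handler (CWE-639): authorization is checked against the group
# named in the route, but the policy is then loaded by a second
# user-controlled key, its global id, with no check that it belongs to that
# group. Pairing an authorized group_id with another group's policy_id
# rewrites (or, with the same bug on a GET, reads) the other group's settings.
def update_policy_vulnerable(store, user_id, group_id, policy_id, attrs)
  group = store[:groups].fetch(group_id) { raise NotFound, 'group' }
  authorize_maintainer!(user_id, group)
  policy = store[:policies].fetch(policy_id) { raise NotFound, 'policy' }
  attrs.each { |k, v| policy[k] = v }
  policy
end

# Fixed handler: the policy is resolved *through* the authorized group, so a
# key that does not belong to it is indistinguishable from a missing one.
# Answering "not found" rather than "forbidden" also avoids confirming which
# policy ids exist in other groups.
def update_policy_fixed(store, user_id, group_id, policy_id, attrs)
  group = store[:groups].fetch(group_id) { raise NotFound, 'group' }
  authorize_maintainer!(user_id, group)
  policy = store[:policies][policy_id]
  raise NotFound, 'policy' if policy.nil? || policy.group_id != group.id
  attrs.each { |k, v| policy[k] = v }
  policy
end

# Replays the cross-group request (user 7, authorized for group 1, targeting
# group 2's policy 22) against a handler and reports the outcome together
# with the value of group 2's policy afterwards.
def cross_group_attempt(handler)
  store = fresh_store
  outcome =
    begin
      send(handler, store, 7, 1, 22, keep_n: 1, older_than_days: 1)
      :modified
    rescue NotFound
      :not_found
    rescue Forbidden
      :forbidden
    end
  [outcome, store[:policies][22].keep_n]
end

if __FILE__ == $PROGRAM_NAME
  p cross_group_attempt(:update_policy_vulnerable) # => [:modified, 1]
  p cross_group_attempt(:update_policy_fixed)      # => [:not_found, 5]
end
```

Running the file shows the cross-group request succeeding against the vulnerable handler and failing against the fixed one, leaving group 2's policy untouched. The same scoping applies to the read path: a lookup that only checks the caller's role on the group they name, and then fetches the object by a global id, has the same bug whether the verb is GET or PUT.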

Generated by OpenCVE AI on June 25, 2026 at 07:51 UTC.

Remediation

Vendor Solution

Upgrade to 18.11.6, 19.0.3 or 19.1.1, or a later release on the same branch.


OpenCVE Recommended Actions

  • Upgrade GitLab EE to version 18.11.6, 19.0.3, 19.1.1 or newer.
  • Audit virtual registry cleanup policy settings across all groups to detect unauthorized changes.
  • Until the fix is applied, reduce the set of accounts that can authenticate to the instance and revoke access for users without an explicit need. Note that the CVSS vector (PR:L) indicates any authenticated user can reach the flaw, so tightening group administrator privileges alone does not close the attack path.
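A version check against the affected ranges given on this page, as an added example that is neither OpenCVE's nor GitLab's code. It assumes the version string is in the form GitLab reports (for example `18.11.5-ee`, as returned in the `version` field of the /api/v4/version endpoint) and, as a stated assumption, treats a string with no edition suffix as EE.

```ruby
require 'rubygems'

# [first affected, first fixed) for each release branch, as listed on this page.
AFFECTED_RANGES = [
  ['18.6', '18.11.6'],
  ['19.0', '19.0.3'],
  ['19.1', '19.1.1'],
].freeze

# Strips the edition suffix before parsing. Left in place, Gem::Version treats
# the letters as a prerelease tag and sorts "18.11.6-ee" *below* "18.11.6",
# which would wrongly flag the fixed build as affected.
def parse_gitlab_version(raw)
  m = raw.strip.match(/\A(\d+(?:\.\d+)*)(?:-(ee|ce))?\z/)
  raise ArgumentError, "unrecognised GitLab version: #{raw.inspect}" unless m
  edition = (m[2] || 'ee').to_sym # assumption: no suffix means EE
  [Gem::Version.new(m[1]), edition]
end

def affected_range_for(version)
  AFFECTED_RANGES.find do |lo, hi|
    version >= Gem::Version.new(lo) && version < Gem::Version.new(hi)
  end
end

# True when the reported version is an EE build inside an affected range.
def affected_by_cve_2026_5309?(raw)
  version, edition = parse_gitlab_version(raw)
  return false unless edition == :ee # the advisory covers EE only
  !affected_range_for(version).nil?
end

# Smallest fixed version on the same branch, or nil when already safe.
def upgrade_target(raw)
  return nil unless affected_by_cve_2026_5309?(raw)
  version, = parse_gitlab_version(raw)
  affected_range_for(version).last
end

if __FILE__ == $PROGRAM_NAME
  %w[18.11.5-ee 18.11.6-ee 19.0.2-ee 19.1.0-ee 19.0.2-ce].each do |v|
    puts "#{v}: affected=#{affected_by_cve_2026_5309?(v)} upgrade_to=#{upgrade_target(v).inspect}"
  end
end
```

The boundary handling is the point: a naive `Gem::Version.new("18.11.6-ee") < Gem::Version.new("18.11.6")` evaluates to true, so a checker that does not strip the suffix reports the patched release as vulnerable.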

Generated by OpenCVE AI on June 25, 2026 at 07:51 UTC.


Advisories

No advisories yet.

History

Thu, 25 Jun 2026 05:15:00 +0000 (initial record; all values added, none removed)

  • Description: GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user to read or modify another group's virtual registry cleanup policy settings without authorization.
  • Title: Authorization Bypass Through User-Controlled Key in GitLab
  • First Time appeared: Gitlab; Gitlab gitlab
  • Weaknesses: CWE-639
  • CPEs: cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
  • Vendors & Products: Gitlab; Gitlab gitlab
  • References: (none)
  • Metrics: cvssV3_1 {'score': 5.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N'}


MITRE

Status: PUBLISHED

Assigner: GitLab

Published:

Updated: 2026-06-25T04:34:29.038Z

Reserved: 2026-04-01T11:33:45.470Z

Link: CVE-2026-5309

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-25T08:15:05Z

Weaknesses
  • CWE-639: Authorization Bypass Through User-Controlled Key