Description
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.7 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain conditions could have allowed an authenticated user to access CI data from a different ref type than intended.
Published: 2026-05-27
Score: 4.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability stems from an incorrect resolution of a reference within GitLab's CI system. Under specific circumstances, an authenticated user may retrieve CI data from a ref type other than the one intended. This flaw may allow the user to read pipeline artifacts or job logs associated with other branches or tags, compromising the confidentiality of project CI data. The weakness is classified as CWE-706, Use of Incorrectly-Resolved Name or Reference: the product uses a name or reference to reach a resource, but that reference resolves to a resource outside the intended control sphere.

Affected Systems

All GitLab CE/EE releases from version 12.7 through 18.10.6, 18.11 through 18.11.3, and 19.0 through 19.0.0 are affected. The issue is fixed in GitLab 18.10.7, 18.11.4, 19.0.1, and all later releases.

Risk and Exploitability

The CVSS score of 4.3 indicates moderate severity; no EPSS score was available when this analysis was generated, which makes exploitation probability hard to gauge. The vulnerability is not listed in the CISA KEV catalog, suggesting limited exploitation activity so far. Exploitation requires an authenticated session and occurs when the attacker requests CI data for an unintended ref type. The threat is therefore confined to users with legitimate access to the project, but it could expose CI artifacts those users were not meant to see.

Generated by OpenCVE AI on May 27, 2026 at 21:01 UTC.

Remediation

Vendor Solution

Upgrade to versions 18.10.7, 18.11.4, 19.0.1 or later.


OpenCVE Recommended Actions

  • Upgrade to GitLab 18.10.7, 18.11.4, 19.0.1 or later to remove the flaw.
  • If a patch cannot be applied immediately, restrict project CI artifact visibility to authorized roles and enforce ref type restrictions in pipeline configuration to limit exposure.
  • Monitor CI job logs for anomalous access to unintended ref types as a potential sign of exploitation.

Generated by OpenCVE AI on May 27, 2026 at 21:01 UTC.

Advisories

No advisories yet.

History

Wed, 27 May 2026 21:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:19.0.0:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:19.0.0:*:*:*:enterprise:*:*:*

Wed, 27 May 2026 20:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 27 May 2026 18:45:00 +0000

Type Values Removed Values Added
Description GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.7 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain conditions could have allowed an authenticated user to access CI data from a different ref type than intended.
Title Use of Incorrectly-Resolved Name or Reference in GitLab
First Time appeared Gitlab
Gitlab gitlab
Weaknesses CWE-706
CPEs cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
Vendors & Products Gitlab
Gitlab gitlab
References
Metrics cvssV3_1

{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N'}


MITRE

Status: PUBLISHED

Assigner: GitLab

Published:

Updated: 2026-05-27T19:36:40.034Z

Reserved: 2026-05-15T21:03:44.492Z

Link: CVE-2026-8716

Vulnrichment

Updated: 2026-05-27T19:36:35.478Z

NVD

Status: Analyzed

Published: 2026-05-27T19:16:25.097

Modified: 2026-06-17T11:04:19.480

Link: CVE-2026-8716

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-28T02:15:03Z

Weaknesses
  • CWE-706: Use of Incorrectly-Resolved Name or Reference