ctipilot.ch

GitLab EE Group SAML identity API improper authorization, Group Owner account takeover (CVSS 8.7; fixed 19.0.2/18.11.5/18.10.8) — did not clear daily section-2 gate

cve · CVE-2026-6552

Coverage timeline
2
first 2026-06-13 → last 2026-06-13
Briefs
2
2 distinct
Sources cited
13
8 hosts
Sections touched
0
Co-occurring entities
0
no co-occurrence

Story timeline

  1. 2026-06-15CTI Daily Brief — 2026-06-15
  2. 2026-06-13CTI Daily Brief — 2026-06-13

Source distribution

  • attack.mitre.org5 (38%)
  • advisories.ncsc.nl2 (15%)
  • bitdefender.com1 (8%)
  • docs.gitlab.com1 (8%)
  • maine.gov1 (8%)
  • prnewswire.com1 (8%)
  • sentinelone.com1 (8%)
  • veeam.com1 (8%)

External references

NVD · cve.org · CISA KEV

All cited sources (13)

Items in briefs about GitLab EE Group SAML identity API improper authorization, Group Owner account takeover (CVSS 8.7; fixed 19.0.2/18.11.5/18.10.8) — did not clear daily section-2 gate

No parsed item heading or body matches this entity yet. Items match by exact CVE id (for CVE entities), by lead-segment substring of the title in the item heading or body, or by a distinctive anchor token from the title appearing in the item heading. Coverage that lives inside a broader section (no per-item heading) is captured by the Story timeline above.