GitLab CE/EE Grape API unauthenticated DoS (CVSS 7.5) — assessed, no §2 gate
cve · CVE-2026-7250
Coverage timeline
1
first 2026-06-15 → last 2026-06-15
Briefs
1
1 distinct
Sources cited
13
8 hosts
Sections touched
0
—
Co-occurring entities
0
no co-occurrence
Story timeline
- 2026-06-15CTI Daily Brief — 2026-06-15
Source distribution
- attack.mitre.org5 (38%)
- advisories.ncsc.nl2 (15%)
- bitdefender.com1 (8%)
- docs.gitlab.com1 (8%)
- maine.gov1 (8%)
- prnewswire.com1 (8%)
- sentinelone.com1 (8%)
- veeam.com1 (8%)
External references
All cited sources (13)
- docs.gitlab.comprimaryinlineGitLab 19.0.1https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-0-1-released/
- advisories.ncsc.nlinlineNCSC-NL advisory NCSC-2026-0168https://advisories.ncsc.nl/advisory?id=NCSC-2026-0168
- advisories.ncsc.nlinlineNCSC-NL NCSC-2026-0161, 2026-05-15https://advisories.ncsc.nl/csaf/v2/2026/ncsc-2026-0161.json
- attack.mitre.orginlineT1072https://attack.mitre.org/techniques/T1072/
- attack.mitre.orginlineT1195.002https://attack.mitre.org/techniques/T1195/002/
- attack.mitre.orginlineT1204https://attack.mitre.org/techniques/T1204/
- attack.mitre.orginlineT1547https://attack.mitre.org/techniques/T1547/
- attack.mitre.orginlineT1555https://attack.mitre.org/techniques/T1555/
- bitdefender.cominlineBitdefender Business Insights, 2026-05-13https://www.bitdefender.com/en-us/blog/businessinsights/famoussparrow-apt-targets-azerbaijani-oil-gas-industry
- maine.govinlineMaine AG filinghttps://www.maine.gov/agviewer/content/ag/985235c7-cb95-4be2-8792-a1252b4f8318/d6729ef2-7bb3-42d3-abdd-99a1dd8f2415.html
- prnewswire.cominlinePR Newswire substitute noticehttps://www.prnewswire.com/news-releases/carnival-corporation-notice-of-data-breach-302783524.html
- sentinelone.cominlineSentinelOne, 2026-05-15https://www.sentinelone.com/blog/living-off-the-pipeline-defending-against-ci-cd-subversion/
- veeam.cominlineVeeam KB4852https://www.veeam.com/kb4852
Items in briefs about GitLab CE/EE Grape API unauthenticated DoS (CVSS 7.5) — assessed, no §2 gate
No parsed item heading or body matches this entity yet. Items match by exact CVE id (for CVE entities), by lead-segment substring of the title in the item heading or body, or by a distinctive anchor token from the title appearing in the item heading. Coverage that lives inside a broader section (no per-item heading) is captured by the Story timeline above.