ctipilot.ch

GitLab CE/EE — Authenticated users can access CI data from unintended reference types via incorrect reference resolution (CVSS 4.3)

cve · CVE-2026-8716

Coverage timeline
1
first 2026-05-29 → last 2026-05-29
Peak priority
notable
1 notable
Sources cited
2
2 hosts
Sections touched
1
trending-vulnerabilities
Co-occurring entities
5
see Related entities below
ATT&CK techniques
0
no mapped behavior yet

Story timeline

  1. 2026-05-29CVE-2026-4868 (+ five further CVEs) — GitLab 19.0.1 / 18.11.4 / 18.10.7 patch release: Duo AI identity impersonation, unauthenticated project enumeration
    trending-vulnerabilities

Where this entity is cited

  • trending-vulnerabilities1

Source distribution

  • advisories.ncsc.nl1 (50%)
  • docs.gitlab.com1 (50%)

Co-occurring entities

Derived — referenced by the same focused operational entries (weekly summaries and report roundups don't count); ×N counts the shared entries.

Entries about GitLab CE/EE — Authenticated users can access CI data from unintended reference types via incorrect reference resolution (CVSS 4.3) (1)

2026-05-29 · view entry permalink →

CVE-2026-4868 (+ five further CVEs) — GitLab 19.0.1 / 18.11.4 / 18.10.7 patch release: Duo AI identity impersonation, unauthenticated project enumeration

GitLab shipped patch versions 19.0.1, 18.11.4 and 18.10.7 on 2026-05-27 closing six CVEs. The most severe is CVE-2026-4868 (CVSS 8.2, CWE-639) — an improper identity-resolution flaw in the GitLab Duo AI integration that allows an authenticated user to impersonate another user when Duo AI workflows are triggered, with the workflow runners executing under the second user's identity. CVE-2026-6713 (CVSS 5.3) lets an unauthenticated attacker enumerate private projects via an incorrect authorization issue in GitLab's GraphQL WorkItem API. Other CVEs in the batch: CVE-2026-1402 (CVSS 6.5, Wiki DoS via malformed markup), CVE-2026-2601 (CVSS 4.3, deployment-data exposure to Developer-role users), CVE-2026-5296 (CVSS 4.3, Developer-role flow-restriction bypass) and CVE-2026-8716 (CVSS 4.3, CI cross-reference data exposure). NCSC-NL advisory NCSC-2026-0168 rates the batch high; CERT-FR / ANSSI carries CERTFR-2026-AVI-0658 as the FR-CERT corroboration. No exploitation reported.

GitLab EE versions prior to 18.10.7, 18.11.4, and 19.0.1 contained a vulnerability allowing authenticated users to impersonate others and trigger Duo AI workflows due to improper user identity resolution

NCSC-NL NCSC-2026-0168 CSAF

An unauthenticated user may enumerate private project paths via the API

GitLab
vulnerability29 May 05:00Zmulti-sourceOpen finding ↗