CVE-2026-2370 in GitLab Community Editioninformación

Resumen (Inglés)

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.3 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 affecting Jira Connect installations that could have allowed an authenticated user with minimal workspace permissions to obtain installation credentials and impersonate the GitLab app due to improper authorization checks.

Responsable

GitLab

Reservar

2026-02-11

Divulgación

2026-03-30

Voces

ID	Vulnerabilidad	CWE	Base	Temp	0day	Hoy	Exp	KEV	EPSS	CTI	Con	CVE
354141	GitLab Community Edition/Enterprise Edition escalada de privilegios	233	7.2	7.0	$0-$5k	$0-$5k	No está definido		0.00000	5.94	Arreglo oficial	CVE-2026-2370

Mostrar más

Descripción
Cambios
Inteligencia de amenazas
API/JSON

◂ AnteriorVisión De ConjuntoPróximo ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!