PT-2026-40857 · Gitlab · Gitlab Ce/Ee

CVE-2026-1184

·

Published

2026-05-14

·

Updated

2026-05-18

CVSS v2.0

7.8

High

VectorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions GitLab EE versions 11.9 through 18.9.6 GitLab EE versions 18.10 through 18.10.5 GitLab EE versions 18.11 through 18.11.2
Description Improper validation allows an unauthenticated user to cause a denial of service by uploading a specially crafted file.
Recommendations Update to version 18.9.7 Update to version 18.10.6 Update to version 18.11.3

Exploit

Fix

DoS

Deserialization of Untrusted Data

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

BDU:2026-07011
BIT-GITLAB-2026-1184
CVE-2026-1184

Affected Products

Gitlab Ce/Ee