SecAlerts
CVE ListPricingSign Up
GitLab logo

GitLab

Security Risk Profile

36
/100
low

Security Risk Score

Comprehensive risk assessment based on 1000 vulnerabilities, EPSS scores, exploitation status, and remediation availability.

📅 Data spans from May 6, 2021 to present

1000
Total CVEs
301
Critical+High
5
Exploited
100
Unpatched

Threat Assessment

Avg CVSS
6.3
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
100
Critical/High
Risk Level
36/100
low
⚠️ 5 Active Exploits 1 Zero-Days🆕 1Fresh (<7d)📈 25 in Last 30 Days

Severity Distribution

Critical
35
High
266
Medium
548
Low
34

Exploit Likelihood

>50% chance
0
20-50%
1
5-20%
0
<5%
104

Age Distribution

Common Weaknesses (CWE)

1
XSS
100
2
Input Validation
36
3
Infoleak
25
4
SSRF
22
5
CSRF
15

Most Affected Products

1. GitLab GitLab4928
2. GitLab GitLab EE194
3. GitLab GitLab CE/EE96
4. GitLab GitLab CE46
5. GitLab Community Edition18

Recent Vulnerabilities

See more →
EOL-gitlab-19.0
unknown
5/21/2026
CVE-2025-12669
CVSS 5.4medium

Improper Control of Generation of Code ('Code Injection') in GitLab

5/14/2026
CVE-2025-13874
CVSS 4.3medium

Authorization Bypass Through User-Controlled Key in GitLab

5/14/2026
CVE-2025-14869
CVSS 7.5high

Improper Validation of Specified Quantity in Input in GitLab

5/14/2026
CVE-2025-14870
CVSS 7.5high

Allocation of Resources Without Limits or Throttling in GitLab

5/14/2026
CVE-2026-1184
CVSS 7.5high

Deserialization of Untrusted Data in GitLab

5/14/2026
CVE-2026-1322
CVSS 8.1high

Business Logic Errors in GitLab

5/14/2026
CVE-2026-1338
CVSS 4.3medium

Authorization Bypass Through User-Controlled Key in GitLab

5/14/2026
CVE-2026-1659
CVSS 7.5high

Allocation of Resources Without Limits or Throttling in GitLab

5/14/2026
CVE-2026-2900
CVSS 2.7low

Missing Authorization in GitLab

5/14/2026

Monitor GitLab in Real-Time

Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
Powered bySecAlerts

Monitor Your Software Stack in Real-Time

Get instant alerts when vulnerabilities are discovered in your software stack. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
AboutNewsDocumentationTermsContact

© 2026 SecAlerts Pty Ltd. All rights reserved.