advisories.gitlab.com
Resources curated from this publisher and indexed across appsec.fyi topic pages. Last item added: 2026-04-22.
| Date Added | Resource | Topic | Excerpt |
|---|---|---|---|
| 2026-04-22 | CVE-2026-33154: Dynaconf RCE via Insecure Jinja Template Evaluation | SSTI | CVE-2026-33154: Dynaconf RCE via Insecure Jinja Template Evaluation |
| 2026-04-22 | CVE-2026-5807: HashiCorp Vault DoS via Unauthenticated Root Token Generation | Secrets | Advisory on CVE-2026-5807 detailing a denial-of-service vulnerability in HashiCorp Vault. Unauthenticated attackers can exploit this by repeatedly initiating or canceling root token generation or rekey operations, preventing legitimate users from accessing these critical functions. This flaw is resolved in Vault Community Edition 2.0.0 and Vault Enterprise 2.0.0. GitLab Dependency Scanning can detect and mitigate this specific vulnerability. |
| 2026-04-22 | CVE-2026-3605: HashiCorp Vault KVv2 Metadata Policy Bypass (DoS) | Secrets | Advisory for CVE-2026-3605 details a HashiCorp Vault KVv2 metadata policy bypass vulnerability. Authenticated users with specific glob policies can delete secrets outside their authorized scope, leading to a denial-of-service condition. The vulnerability does not permit cross-namespace deletion or unauthorized data reading. Patches are available in Vault Community Edition 2.0.0, Vault Enterprise 2.0.0, 1.21.5, 1.20.10, and 1.19.16. |
| 2026-04-22 | CVE-2025-64431: IDOR in ZITADEL Organization API Allows Cross-Tenant Tampering | IDOR | Library for detecting CVE-2025-64431, an Insecure Direct Object Reference (IDOR) vulnerability in ZITADEL's Organization V2Beta API. This flaw allows authenticated administrators in one organization to tamper with data in other organizations. The vulnerability is addressable through GitLab Dependency Scanning, which helps secure the software supply chain by identifying disclosed vulnerabilities in open-source dependencies. |
| 2026-04-10 | CVE-2026-27127: Craft CMS Cloud Metadata SSRF via DNS Rebinding | SSRF | CVE-2026-27127: Craft CMS Cloud Metadata SSRF via DNS Rebinding |
| 2026-04-10 | CVE-2026-33728: dd-trace-java Unsafe Deserialization in RMI | Deser | CVE-2026-33728: dd-trace-java Unsafe Deserialization in RMI |
| 2026-04-10 | CVE-2026-33439: OpenAM Pre-Auth RCE via Deserialization | Deser | CVE-2026-33439: OpenAM Pre-Auth RCE via Deserialization |
| 2026-04-10 | DbGate Stored XSS to RCE in Electron (CVE-2026-34725) | XSS | DbGate Stored XSS to RCE in Electron (CVE-2026-34725) |
| 2026-04-09 | FastMCP SSRF & Path Traversal via OpenAPI Provider (CVE-2026-32871) | SSRF | FastMCP SSRF & Path Traversal via OpenAPI Provider (CVE-2026-32871) |
| 2026-04-09 | Docker Model Runner SSRF in OCI Registry (CVE-2026-33990) | SSRF | Docker Model Runner SSRF in OCI Registry (CVE-2026-33990) |
| 2026-04-09 | AVideo SSRF Protection Bypass via Extension Allowlist (CVE-2026-39370) | SSRF | AVideo SSRF Protection Bypass via Extension Allowlist (CVE-2026-39370) |
| 2026-04-09 | AVideo Stored SSRF via Live Restream Log Callback (CVE-2026-39368) | SSRF | AVideo Stored SSRF via Live Restream Log Callback (CVE-2026-39368) |
| 2026-04-09 | mcp-from-openapi SSRF via $ref Dereferencing (CVE-2026-39885) | SSRF | mcp-from-openapi SSRF via $ref Dereferencing (CVE-2026-39885) |
| 2026-04-09 | Directus SSRF Bypass via IPv4-Mapped IPv6 Addresses (CVE-2026-35409) | SSRF | Directus SSRF Bypass via IPv4-Mapped IPv6 Addresses (CVE-2026-35409) |
| 2026-04-09 | Payload CMS Authenticated SSRF via Upload (CVE-2026-34746) | SSRF | Payload CMS Authenticated SSRF via Upload (CVE-2026-34746) |
| 2026-04-09 | Ech0: Unauthenticated SSRF to Cloud Metadata (CVE-2026-35037) | SSRF | Ech0: Unauthenticated SSRF to Cloud Metadata (CVE-2026-35037) |
| 2026-04-09 | Craft CMS Cloud Metadata SSRF Bypass via IPv6 (CVE-2026-27129) | SSRF | Craft CMS Cloud Metadata SSRF Bypass via IPv6 (CVE-2026-27129) |