|
611
|
3.5 |
LOW
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.11 before 18.11.1 that under certain conditions could have allowed an authenticated user to load unauthorized content int…
New
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2026-3254
|
2026-04-24 05:43 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
612
|
8.1 |
HIGH
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.0 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed an unauthenticated user to execut…
New
|
CWE-352
Origin Validation Error
|
CVE-2026-4922
|
2026-04-24 05:40 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
613
|
6.1 |
MEDIUM
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.1.0 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that under certain conditions could have allowed an una…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-5262
|
2026-04-24 05:38 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
614
|
4.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.11 before 18.11.1 that could have allowed an authenticated user to access titles of confidential or private issues in pub…
New
|
CWE-863
Incorrect Authorization
|
CVE-2026-5377
|
2026-04-24 05:37 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
615
|
8.1 |
HIGH
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.10 before 18.10.4 and 18.11 before 18.11.1 that could have allowed an unauthenticated user to execute arbitrary JavaScrip…
New
|
CWE-41
Improper Resolution of Path Equivalence
|
CVE-2026-5816
|
2026-04-24 05:30 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
616
|
5.4 |
MEDIUM
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed a user to use invalidated or inco…
New
|
CWE-613
Insufficient Session Expiration
|
CVE-2026-6515
|
2026-04-24 05:18 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
617
|
5.8 |
MEDIUM
Network
|
free5gc
|
free5gc
udr
|
free5GC UDR is the user data repository (UDR) for free5GC, an an open-source project for 5th generation (5G) mobile core networks. In versions up to and including 1.4.2, a fail-open request handling …
New
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2026-40343
|
2026-04-24 04:44 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
618
|
7.5 |
HIGH
Network
|
free5gc
|
free5gc
pcf
|
free5GC UDR is the Policy Control Function (PCF) for free5GC, an an open-source project for 5th generation (5G) mobile core networks. A memory leak vulnerability in versions prior to 1.4.3 allows any…
New
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-41135
|
2026-04-24 04:41 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
619
|
5.3 |
MEDIUM
Network
|
free5gc
|
amf
free5gc
|
free5GC AMF provides Access & Mobility Management Function (AMF) for free5GC, an an open-source project for 5th generation (5G) mobile core networks. Prior to version 1.4.3, the `HTTPUEContextTransfe…
New
|
CWE-440
Expected Behavior Violation
|
CVE-2026-41136
|
2026-04-24 04:39 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
620
|
7.5 |
HIGH
Network
|
free5gc
|
free5gc
|
free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the handler for creating or updating Traffic Influence Subscriptions checks whether th…
Update
|
CWE-285
CWE-636
Improper Authorization
Not Failing Securely ('Failing Open')
|
CVE-2026-40248
|
2026-04-24 04:20 |
2026-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
