CVE-2026-7250

216.73.216.226

· Published 11/06/2026 14:16 · Modified 11/06/2026 17:34 · Author: The MITRE Corporation

Labels: CVE-2026-7250 2026-06-11 CVE-2026-7250 CWE-770 [email protected]

Essential information

Published: 11/06/2026 14:16
Modified: 11/06/2026 17:34
Author: The MITRE Corporation
Creator: The MITRE Corporation
CVSS: 7.5 HIGH (v3.1)
CISA KEV: No
CWE: CWE-770
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS metrics

Description

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an unauthenticated user to cause denial of service due to improper input validation in the API request parsing middleware.

NVD status

Status: Analyzed — CVE has been recently published to the CVE List and has been received by the NVD.
Source: [email protected]
NVD: View on NVD

Affected products (CPE)

Product	CPE
gitlab / gitlab	`cpe:2.3:a:gitlab:gitlab:::::community:::*`
gitlab / gitlab	`cpe:2.3:a:gitlab:gitlab:::::enterprise:::*`
gitlab / gitlab	`cpe:2.3:a:gitlab:gitlab:::::community:::*`
gitlab / gitlab	`cpe:2.3:a:gitlab:gitlab:::::enterprise:::*`
gitlab / gitlab	`cpe:2.3:a:gitlab:gitlab:::::community:::*`
gitlab / gitlab	`cpe:2.3:a:gitlab:gitlab:::::enterprise:::*`