Bleeping Computer

GitLab warns of high-severity 2FA bypass, denial-of-service flaws

GitLab has patched a high-severity two-factor authentication bypass impacting community and enterprise editions of its software development platform. Tracked as CVE-2026-0723, this vulnerability stems ...
Arabian Post

GitLab rushes fixes for fresh flaws

The release also includes medium-severity flaws that broaden the risk picture for organisations running their own GitLab infrastructure. GitLab said CVE-2026-1403 could allow an authenticated user ...
Bleeping Computer

CISA says GitLab account takeover bug is actively exploited in attacks

CISA warned today that attackers are actively exploiting a maximum-severity GitLab vulnerability that allows them to take over accounts via password resets. GitLab hosts sensitive data, including ...