Loading market data...
← Back to CVE feed

CVE-2026-11379

MEDIUM CVSS 5.3 View on NVD ↗

Description

GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 prior to 18.11.6, 19.0 prior to 19.0.3, and 19.1 prior to 19.1.1 in which incorrect authorization in DAST site profile management could allow a user with Developer role to exfiltrate DAST site profile secrets under certain conditions.

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Published: Jun 25, 2026 05:16 UTC Modified: Jun 25, 2026 16:01 UTC