Information Exposure Vulnerability in GitLab by GitLab Inc.
CVE-2026-12053
8.6HIGH
What is CVE-2026-12053?
GitLab has addressed a security issue in the GitLab EE platform, affecting all versions from 19.1 through 19.1.1. The vulnerability resulted from inadequate output filtering in Duo Workflows, which could potentially enable unauthorized users to access sensitive data that had already been committed to a project. This risk necessitated swift remediation to safeguard user information and prevent potential exploitation.
Affected Version(s)
GitLab 19.1 < 19.1.1
References
CVSS V3.1
Score:
8.6
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Thanks to [3nvz](https://hackerone.com/3nvz) and GitLab team member Dennis Appelt for reporting this vulnerability