VDB

CVE-2026-0958

CVE-2026-0958 PUBLISHED

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.4 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that could have allowed an unauthenticated user to cause denial of service through memory or CPU exhaustion by bypassing JSON validation middleware limits.

EPSS 0.04% · 11.3th percentile

Risk Scores

EPSS Score
0.04%
11.3th percentile

Affected Products

VendorProductVersions
Bitnamigitlab18.4.0, 18.7.0, 18.8.0
Bitnamigitlab18.4.0, 18.7.0, 18.8.0

Timeline

  • Feb 11, 2026 CVE Published
  • Feb 11, 2026 EPSS Score
  • Feb 13, 2026 EPSS Score
  • Feb 15, 2026 EPSS Score
  • Feb 17, 2026 EPSS Score
  • Feb 19, 2026 EPSS Score
  • Feb 21, 2026 EPSS Score
  • Feb 23, 2026 EPSS Score
  • Feb 25, 2026 EPSS Score
  • Feb 27, 2026 EPSS Score
  • Mar 1, 2026 EPSS Score
  • Mar 3, 2026 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›