CVE-2026-1458 — Vulnetix

CVE-2026-1458 PUBLISHED

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.0 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have allowed an unauthenticated user to cause denial of service by uploading malicious files.

EPSS 0.04% · 11.8th percentile

Risk Scores

EPSS Score

0.04%

11.8th percentile

Affected Products

Vendor	Product	Versions
Bitnami	gitlab	18.7.0, 18.8.0, 8.0.0
Bitnami	gitlab	8.0.0, 18.7.0, 18.8.0

Timeline

Feb 11, 2026 CVE Published
Feb 11, 2026 EPSS Score
Feb 13, 2026 EPSS Score
Feb 15, 2026 EPSS Score
Feb 17, 2026 EPSS Score
Feb 19, 2026 EPSS Score
Feb 21, 2026 EPSS Score
Feb 23, 2026 EPSS Score
Feb 25, 2026 EPSS Score
Feb 27, 2026 EPSS Score
Mar 1, 2026 EPSS Score
Mar 3, 2026 EPSS Score

References

https://about.gitlab.com/releases/2026/02/10/patch-release-gitlab-18-8-4-released/ url
https://gitlab.com/gitlab-org/gitlab/-/issues/587698 url
https://hackerone.com/reports/3517644 url
https://nvd.nist.gov/vuln/detail/CVE-2026-1458 url

Open in Interactive Console →