Zero Day Monitor (ZDM)
Zero Day Monitor © 2026
CVE-2026-2370 · CVSS 8.1 · EXPLOITED
Vendor: gitlab · Product: GitLab Community Edition/Enterprise Edition

Improper Handling of Parameters in GitLab

Description

GitLab has remediated an issue in GitLab CE/EE, affecting all versions from 14.3 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 with Jira Connect installations, that could have allowed an authenticated user with minimal workspace permissions to obtain installation credentials and impersonate the GitLab app, due to improper authorization checks.

Affected Products

Vendor: gitlab
Product: GitLab Community Edition/Enterprise Edition
Versions: 14.3, 18.9, 18.10, 18.8.6, 18.9.2, 18.10.0

References

  • https://hackerone.com/reports/3522829 (technical-description, exploit, permissions-required)
  • https://gitlab.com/gitlab-org/gitlab/-/work_items/589635
  • https://about.gitlab.com/releases/2026/03/25/patch-release-gitlab-18-10-1-released/

Related News (2 articles)

Tier C · VulDB · 5h ago
CVE-2026-2370 | GitLab Community Edition/Enterprise Edition up to 18.8.6/18.9.2/18.10.0 parameters
→ No new info (linked only)

Tier D · Heise Security · 3d ago
Security updates for GitLab: attackers can add e-mail addresses
→ No new info (linked only)
CVSS 3.1: 8.1 CRITICAL
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
CISA KEV: No
Actively exploited: Yes
CWE: CWE-233
Published: 3/29/2026
Last enriched: 5h ago (v2)
Trending Score: 60
Source articles: 2
Independent: 2
Info Completeness: 8/14
Missing: epss, kev, exploit, patch, iocs, mitre_attack


Related CVEs (5)

HIGH · CVE-2026-2995 · Trending: 23
GitLab has remediated an issue in GitLab EE affecting all versions from 15.4 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an authenticated user to add email addr

HIGH · CVE-2026-3988 · Trending: 23
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to cause a d

MEDIUM · CVE-2026-1724 · Trending: 11
Missing Authentication for Critical Function in GitLab

MEDIUM · CVE-2026-2973 · Trending: 11
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an authenticated user to execute arb

MEDIUM · CVE-2026-2726 · Trending: 11
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an authenticated user to perform un


Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

CVE Published: Mar 29, 2026
Discovered by ZDM: Mar 30, 2026
Actively Exploited: Mar 30, 2026
Updated (product, affectedVersions, severity, activelyExploited): Mar 30, 2026

Version History

v2 · Tier C · last enriched 5h ago

Updated product information, affected versions, severity to CRITICAL, and noted that no exploit is available.

Fields changed: product, affectedVersions, severity, activelyExploited
Source: VulDB

v1 · 10h ago

Initial creation