PatchSiren cyber security CVE debrief
CVE-2026-3553 GitLab CVE debrief
CVE-2026-3553 is a low-severity vulnerability in GitLab CE/EE that could allow an authenticated user to access confidential issue details due to incorrect authorization checks. The issue affects all versions from 12.0 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2.
- Vendor: GitLab
- Product: Unknown
- CVSS: LOW 3.1
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-11
- Original CVE updated: 2026-06-11
- Advisory published: 2026-06-11
- Advisory updated: 2026-06-11
Who should care
Users of GitLab CE/EE versions from 12.0 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 should apply patches to prevent potential unauthorized access to confidential issue details.
Technical summary
The vulnerability has a CVSS score of 3.1 and is classified as CWE-863. It was published on 2026-06-11 and last modified on 2026-06-11.
Defensive priority
Low
Recommended defensive actions
- Apply patches to GitLab CE/EE versions from 12.0 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2.
- Review and update access controls to ensure proper authorization checks are in place.
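To decide which instances need the patch, the affected ranges above can be checked against an inventory of running versions. The following is an added example, not code from GitLab or from this advisory; it reads each "from X before Y" range as half-open with Y as the first fixed release, and the hostnames and inventory versions are constructed.

```python
import re

# Affected ranges as stated on this page: (start, first fixed) per release line.
AFFECTED_RANGES = [
    ((12, 0, 0), (18, 10, 8)),
    ((18, 11, 0), (18, 11, 5)),
    ((19, 0, 0), (19, 0, 2)),
]

_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)(?:\.(\d+))?")


def parse_version(text):
    """Parse '18.10.7', 'v18.11.4-ee' or '19.0' into a (major, minor, patch) tuple."""
    match = _VERSION_RE.match(text.strip())
    if not match:
        raise ValueError(f"unrecognised GitLab version: {text!r}")
    major, minor, patch = match.groups()
    return int(major), int(minor), int(patch or 0)


def first_fixed_for(text):
    """Return the first fixed version for an affected release, or None if not affected."""
    version = parse_version(text)
    for start, fixed in AFFECTED_RANGES:
        if start <= version < fixed:
            return ".".join(str(part) for part in fixed)
    return None


def triage(inventory):
    """Map each affected host to its upgrade target; unaffected hosts are omitted."""
    targets = {host: first_fixed_for(ver) for host, ver in inventory.items()}
    return {host: fixed for host, fixed in targets.items() if fixed}


if __name__ == "__main__":
    # Constructed inventory for illustration; hostnames and versions are made up.
    sample = {
        "gitlab-a.example": "18.10.7-ee",
        "gitlab-b.example": "18.10.8",
        "gitlab-c.example": "v18.11.4",
        "gitlab-d.example": "11.11.8",
    }
    for host, target in triage(sample).items():
        print(f"{host}: affected, upgrade to at least {target}")
```

Versions below 12.0 are reported as unaffected only because the page's stated range starts at 12.0; an unparseable version string raises an error so it is not silently treated as safe.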
Evidence notes
Evidence of this vulnerability can be found at [resourceLinkAnnotations].
Official resources
CVE-2026-3553 was published on 2026-06-11T12:16:31.380Z and last modified on 2026-06-11T15:22:48.573Z.