PatchSiren cyber security CVE debrief
CVE-2026-6552 GitLab CVE debrief
CVE-2026-6552 is a HIGH-severity vulnerability in GitLab EE's Group SAML identity management functionality. An authenticated user with the Group Owner role could, under certain conditions, take over another group member's GitLab account due to improper authorization.
- Vendor: GitLab
- Product: Unknown
- CVSS: HIGH 8.7
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-11
- Original CVE updated: 2026-06-11
- Advisory published: 2026-06-11
- Advisory updated: 2026-06-11
Who should care
Administrators and users of GitLab EE versions from 15.5 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 should be aware of this vulnerability and take necessary actions.
Technical summary
The vulnerability is caused by improper authorization in the Group SAML identity management functionality of GitLab EE. This allows an authenticated user with the Group Owner role to potentially take over another group member's GitLab account.
Defensive priority
HIGH
Recommended defensive actions
- Upgrade to GitLab EE version 18.10.8, 18.11.5, or 19.0.2, or later.
- Review and adjust Group SAML identity management settings.
- Monitor for suspicious activity related to Group SAML identity management.
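The affected ranges above are awkward to check by eye across three release lines, so the following is an added helper (written for this debrief, not code from PatchSiren or GitLab) that parses a GitLab version string and reports whether it falls inside any of the ranges listed under "Who should care". It assumes the version string is in the usual `major.minor.patch` form, optionally with a `v` prefix or an `-ee` suffix, and it does not distinguish EE from CE builds, so the result applies only where the instance is known to be GitLab EE.

```python
"""Check a GitLab EE version string against the CVE-2026-6552 affected ranges."""
from __future__ import annotations

import re

# Affected ranges from the advisory: each entry is [first affected, first fixed).
# "15.5 before 18.10.8", "18.11 before 18.11.5", "19.0 before 19.0.2".
AFFECTED_RANGES: tuple[tuple[tuple[int, int, int], tuple[int, int, int]], ...] = (
    ((15, 5, 0), (18, 10, 8)),
    ((18, 11, 0), (18, 11, 5)),
    ((19, 0, 0), (19, 0, 2)),
)

# Accepts "18.10.7", "v19.0.1", "18.11.4-ee", "18.10.7-pre"; a missing patch
# component is treated as .0 so "19.0" reads as 19.0.0.
_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)(?:\.(\d+))?")


def parse_version(text: str) -> tuple[int, int, int]:
    """Return (major, minor, patch) for a GitLab version string, or raise ValueError."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised GitLab version string: {text!r}")
    major, minor, patch = m.group(1), m.group(2), m.group(3) or "0"
    return int(major), int(minor), int(patch)


def is_affected(text: str) -> bool:
    """True if the version lies in any [start, fixed) range from the advisory."""
    version = parse_version(text)
    return any(start <= version < fixed for start, fixed in AFFECTED_RANGES)


def triage(versions: list[str]) -> dict[str, str]:
    """Map each version string to a short verdict, for use in a fleet inventory pass."""
    return {
        v: "AFFECTED: upgrade to 18.10.8 / 18.11.5 / 19.0.2 or later"
        if is_affected(v)
        else "not in an affected range"
        for v in versions
    }


if __name__ == "__main__":
    # Constructed sample inventory, not real instance data.
    for version, verdict in triage(["18.10.7-ee", "18.10.8-ee", "18.11.4", "19.0.2", "15.4.9"]).items():
        print(f"{version:>12}  {verdict}")
```

Tuple comparison gives the right ordering for each boundary (18.10.8 is fixed while 18.10.7 is affected), which is where a naive string comparison of versions goes wrong.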
Evidence notes
The CVE-2026-6552 vulnerability has been analyzed and verified by GitLab and the NVD.
Official resources
- CVE-2026-6552 CVE record (CVE.org)
- CVE-2026-6552 NVD detail (NVD)
- Source item URL: nvd_modified
- Mitigation or vendor reference: [email protected] - Release Notes
- Source reference: [email protected] - Issue Tracking
- Source reference: [email protected] - Permissions Required
CVE-2026-6552 was published on 2026-06-11T12:16:32.347Z and modified on 2026-06-11T17:36:24.853Z.