GitLab has released emergency security updates for both its Community Edition (CE) and Enterprise Edition (EE), addressing a cluster of critical and high-severity vulnerabilities spanning Duo AI workflow runners, the Wiki component, GraphQL WorkItem APIs, pipeline access controls, and authentication endpoints. All self-managed administrators are urged to upgrade immediately.
What Was Released
On May 27, 2026, GitLab shipped versions 19.0.1, 18.11.4, and 18.10.7 as targeted security patch releases. GitLab.com has already been updated to the patched version, and GitLab Dedicated customers require no action. The fixes cover seven distinct vulnerabilities ranging in severity from medium to high, with the most serious enabling lateral movement within AI-assisted developer workflows.
CVE-2026-4868: High-Severity Duo AI Identity Flaw (CVSS 8.2)
The most critical vulnerability patched in this release is CVE-2026-4868, a high-impact access control flaw in GitLab’s Duo AI workflow runners. The vulnerability affects GitLab EE versions from 18.8 up to (but not including) 18.10.7, 18.11.4, and 19.0.1.
Under specific conditions, an authenticated user could trigger certain Duo AI workflows to execute under another user’s identity due to improper user identity resolution in the workflow runner logic. With a CVSS 3.1 score of 8.2, this flaw could enable lateral movement or privilege abuse within AI-assisted development workflows if left unpatched. Environments using GitLab’s Duo AI features extensively should treat this as a critical remediation priority.
CVE-2026-1402: Denial-of-Service in the Wiki Component (CVSS 6.5)
CVE-2026-1402 is a denial-of-service vulnerability in GitLab’s Wiki component affecting both CE and EE, from version 17.1 up to the unpatched releases of the 18.10, 18.11, and 19.0 branches. Due to insufficient input validation, an authenticated user could craft Wiki content that exhausts server resources and renders the Wiki unavailable. The 6.5 CVSS score reflects that the attack requires authentication, but the disruption potential on large, active GitLab instances is significant.
CVE-2026-6713: GraphQL Project Enumeration (CVSS 5.3)
CVE-2026-6713 addresses incorrect authorization checks in the GraphQL WorkItem API. Under certain conditions, unauthenticated users could enumerate private projects, potentially exposing project names, structures, or metadata that should remain hidden. While lower in severity, this information disclosure could let an attacker profile an instance’s private projects for more targeted follow-up attacks.
Additional Medium-Severity Fixes
Four additional medium-severity issues were also resolved in this release:
- CVE-2026-5296 — Improper authorization in the Duo Workflows API allowing developer-role users to bypass flow restrictions when foundational flows are enabled at the group level.
- CVE-2026-2601 — Missing authorization checks that could expose sensitive deployment data to developer-level users.
- CVE-2026-8716 — Incorrect name resolution behavior in pipelines that could allow access to CI data from a different ref type.
- CVE-2026-2710 — Blocked Project Access Tokens could still access private resources via certain authentication endpoints.
Additional Improvements and Deployment Notes
Beyond security fixes, versions 19.0.1, 18.11.4, and 18.10.7 include stability and performance backports, including updates to zlib, nginx, Mattermost, the Elasticsearch indexer, and GitLab Shell. The updates do not introduce new database migrations and, in typical multi-node deployments, can be rolled out without downtime when following GitLab’s zero-downtime upgrade guidance.
Recommended Actions
Organizations running self-managed GitLab instances on affected versions should take the following steps without delay:
- Upgrade to 19.0.1, 18.11.4, or 18.10.7 depending on your current track.
- Monitor GitLab Duo AI and Wiki audit logs for signs of unauthorized access or unusual workflow execution patterns.
- Review project access token configurations to ensure revoked tokens cannot access protected resources.
- Align with GitLab’s published best practices for securing self-managed deployments, particularly for environments with Duo AI enabled at the group or instance level.
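As an added example (not GitLab’s own tooling), the following Python triage script checks an inventory of self-managed instances against the patched releases and the affected ranges stated above, reporting which ranged CVEs apply and the release to move to. The hostnames and versions are constructed; it assumes that releases newer than 19.0.1 also carry the fixes and that tracks older than 18.10, for which the advisory names no patch, should move up to 18.10.7.

```python
# Fleet check against the patched releases in this advisory (added example, not
# GitLab's own tooling). Patched versions and affected ranges are from the advisory;
# the inventory is constructed. Assumption: releases newer than 19.0.1 carry the fixes.
from __future__ import annotations

Version = tuple[int, int, int]

# Fixed release on each branch that received a patch: (major, minor) -> fixed version.
PATCHED: dict[tuple[int, int], Version] = {(19, 0): (19, 0, 1), (18, 11): (18, 11, 4),
                                           (18, 10): (18, 10, 7)}
# CVEs with a stated affected range: first affected major.minor and editions.
RANGED_CVES = {
    "CVE-2026-4868": ((18, 8), {"ee"}),        # Duo AI identity flaw, EE only
    "CVE-2026-1402": ((17, 1), {"ce", "ee"}),  # Wiki denial of service, CE and EE
}

def parse_version(text: str) -> tuple[Version, str]:
    """'18.11.3-ee' -> ((18, 11, 3), 'ee'); edition defaults to 'ce'."""
    core, _, suffix = text.partition("-")
    parts = [int(p) for p in core.split(".")] + [0, 0]
    return (parts[0], parts[1], parts[2]), ("ee" if suffix.lower() == "ee" else "ce")

def is_patched(version: Version) -> bool:
    fixed = PATCHED.get(version[:2])
    # Branches without a fix here: newer than 19.0.1 is assumed fixed, older is not.
    return version >= fixed if fixed else version >= (19, 0, 1)

def upgrade_target(version: Version) -> Version | None:
    """Patched release on the same track; older tracks move up to 18.10.7 (assumption)."""
    return None if is_patched(version) else PATCHED.get(version[:2], (18, 10, 7))

def affected_cves(version: Version, edition: str) -> list[str]:
    if is_patched(version):
        return []
    return [cve for cve, (first, eds) in RANGED_CVES.items()
            if version[:2] >= first and edition in eds]

def triage(inventory: dict[str, str]) -> dict[str, dict]:
    """host -> {'cves': [...], 'upgrade_to': 'x.y.z' or None}."""
    report = {}
    for host, raw in inventory.items():
        version, edition = parse_version(raw)
        target = upgrade_target(version)
        report[host] = {"cves": affected_cves(version, edition),
                        "upgrade_to": ".".join(map(str, target)) if target else None}
    return report

# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = {"git-a.internal": "18.11.3-ee", "git-b.internal": "18.9.2-ce",
                    "git-c.internal": "19.0.1-ee"}
```

The medium-severity CVEs are omitted from the check because the advisory states no affected version range for them; an unpatched instance should be assumed exposed to those as well.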
Given the CVSS 8.2 score on CVE-2026-4868 and its potential for lateral movement in AI-assisted environments, this patch cycle should be treated as an urgent remediation — not a routine maintenance window.