VYPR
Unrated severityNVD Advisory· Published Mar 25, 2026· Updated Mar 26, 2026

Authentication Bypass Using an Alternate Path or Channel in GitLab

CVE-2026-2745

Description

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 7.11 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to bypass WebAuthn two-factor authentication and gain unauthorized access to user accounts due to inconsistent input validation in the authentication process.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

1
CVE-2026-2745 · VYPR