CVE-2026-3553
Description
GitLab CE/EE versions 12.0 to 19.0.1 allow authenticated users to access confidential issue details due to incorrect authorization checks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
GitLab CE/EE versions 12.0 to 19.0.1 allow authenticated users to access confidential issue details due to incorrect authorization checks.
Vulnerability
An incorrect authorization check in GitLab CE/EE affects all versions from 12.0 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 [1]. Under certain conditions, an authenticated user could view confidential issue details that should be restricted. The exact conditions are not fully detailed but involve the authorization logic for issue visibility.
Exploitation
An attacker must be an authenticated user with some level of access to the GitLab instance. The vulnerability is triggered when the attacker accesses a confidential issue under specific circumstances where the authorization check fails. No additional privileges or user interaction beyond authentication are required [1].
Impact
Successful exploitation allows an authenticated user to access confidential issue details, leading to unauthorized information disclosure. The attacker gains visibility into sensitive data that should be restricted to authorized users only [1].
Mitigation
GitLab has released fixed versions: 18.10.8, 18.11.5, and 19.0.2, available as of June 10, 2026 [1]. Users should upgrade to these versions or later. No workaround is documented; upgrading is the recommended mitigation.
AI Insight generated on Jun 11, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: >=12.0 <18.10.8, >=18.11 <18.11.5, >=19.0 <19.0.2
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2News mentions
1- GitLab Patch Release: 19.0.2, 18.11.5, 18.10.8GitLab Security Releases · Jun 10, 2026