Low severity3.5NVD Advisory· Published May 14, 2026· Updated May 14, 2026
CVE-2026-7471
CVE-2026-7471
Description
GitLab has remediated an issue in GitLab EE affecting all versions from 18.8 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with control of a virtual registry upstream to make requests to internal hosts due to improper validation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3(expand)+ 1 more
- (no CPE)
- (no CPE)range: >=18.8,<18.9.7 || >=18.10,<18.10.6 || >=18.11,<18.11.3
Patches
Vulnerability mechanics
References
1News mentions
1- GitLab Patch Release: 18.11.3, 18.10.6, 18.9.7GitLab Security Releases · May 13, 2026