GitLab is a web-based Git repository manager with wiki and issue-tracking features. GitLab is similar to GitHub, but GitLab has an open-source version, unlike GitHub.

GitLab

NixOS is a Linux distribution built on top of the Nix package manager. It is completely declarative, its system configurations are reproducible, makes configuration changes reliable and atomic, and eliminates configuration drift.

NixOS

GitLab Enterprise is a self-hosted, scalable, and secure platform that provides DevOps and CI/CD capabilities for software development teams. It offers advanced features, integrations, and support for organizations requiring enhanced collaboration and security. GitLab Enterprise is available in two tiers: Premium and Ultimate.

Gitlab Enterprise

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed an unauthenticated user to execute arbitrary code in the context of an  authenticated user's browser by convincing the legitimate user to visit a specially crafted webpage.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2026-5173	HIGH	8.5	GitLab	cpe:2.3:a:gitlab:gitlab	No	Yes	Apr 08, 2026
CVE-2026-4332	MEDIUM	5.4	GitLab	cpe:2.3:a:gitlab:gitlab	No	Yes	Apr 08, 2026
CVE-2026-2619	MEDIUM	4.3	GitLab	gitlab	No	Yes	Apr 08, 2026
CVE-2026-2104	MEDIUM	4.3	GitLab	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*	No	Yes	Apr 08, 2026
CVE-2026-4916	LOW	2.7	GitLab	gitlab	No	Yes	Apr 08, 2026

CVE-2025-13761:
GitLab vulnerability analysis and mitigation

9.6

Related GitLab vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2025-13761: GitLab vulnerability analysis and mitigation