Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.7
GitLab EE: Authenticated User Can Leak Viewer IP Addresses
CVE-2026-1516
Summary
A security issue was found in older versions of GitLab EE that could have allowed an authenticated user to see the IP addresses of others who viewed certain reports. If you're using one of these affected versions, update to the latest patch release to fix the issue. This is especially important if you have sensitive information in your reports that you don't want to be visible to users who shouldn't see it.
Original title
GitLab has remediated an issue in GitLab EE affecting all versions from 18.0.0 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that in Code Quality reports could have allowed an authent...
Original description
GitLab has remediated an issue in GitLab EE affecting all versions from 18.0.0 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that in Code Quality reports could have allowed an authenticated user to leak IP addresses of users viewing the report via specially crafted content.
nvd CVSS3.1
5.7
Vulnerability type
CWE-94
Code Injection
Published: 8 Apr 2026 · Updated: 8 Apr 2026 · First seen: 8 Apr 2026