GitLab
Security Scorecard
Score
95C
Total CVEs
33
Patch Rate
94%
31 patched
Avg Response
40d
days to patch
Critical Gaps
0
exploitable, no detection
Severity Breakdown
Critical: 0
High: 16
Medium: 17
Low: 0
Patch Status
Patched: 31 (94%)
Partial/Workaround: 0 (0%)
Unpatched: 2 (6%)
CVEs (34)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-13927 | GitLab Denial of Service Vulnerability | High | 7.5 | - | Patched |
| CVE-2025-13928 | GitLab API Denial of Service | High | 7.5 | - | Patched |
| CVE-2026-0723 | GitLab CE/EE Authentication Bypass | High | 7.4 | - | Patched |
| CVE-2026-1102 | GitLab SSH Denial of Service | Medium | 5.3 | - | Patched |
| CVE-2025-11224 | GitLab Kubernetes Proxy Cross-Site Scripting | High | 7.7 | - | Patched |
| CVE-2025-10569 | GitLab Denial of Service Vulnerability | Medium | 6.5 | - | Patched |
| CVE-2025-11246 | GitLab GraphQL Runner Association Bypass | Medium | 5.4 | - | Patched |
| CVE-2025-13761 | GitLab Remote Code Execution | High | 8.0 | - | Patched |
| CVE-2025-13772 | GitLab EE AI Model Settings Bypass | High | 7.1 | - | Patched |
| CVE-2025-9222 | GitLab Flavored Markdown Cross-Site Scripting | High | 8.7 | - | Patched |