{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-6515", "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "state": "PUBLISHED", "assignerShortName": "GitLab", "dateReserved": "2026-04-17T13:33:58.292Z", "datePublished": "2026-04-22T16:04:11.611Z", "dateUpdated": "2026-04-22T17:51:09.883Z"}, "containers": {"cna": {"title": "Insufficient Session Expiration in GitLab", "descriptions": [{"lang": "en", "value": "GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed a user to use invalidated or incorrectly scoped credentials to access Virtual Registries under certain conditions."}], "affected": [{"vendor": "GitLab", "product": "GitLab", "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", "cpes": ["cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"], "versions": [{"version": "18.2", "status": "affected", "lessThan": "18.9.6", "versionType": "semver"}, {"version": "18.10", "status": "affected", "lessThan": "18.10.4", "versionType": "semver"}, {"version": "18.11", "status": "affected", "lessThan": "18.11.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-613: Insufficient Session Expiration", "cweId": "CWE-613", "type": "CWE"}]}], "references": [{"url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/595993"}, {"url": "https://about.gitlab.com/releases/2026/04/22/patch-release-gitlab-18-11-1-released/"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM"}}], "solutions": [{"lang": "en", "value": "Upgrade to versions 18.9.6, 10.10.4, 18.11.1 or above."}], "credits": [{"lang": "en", "value": "This vulnerability has been discovered internally by GitLab team member David Fernandez", "type": "finder"}], "providerMetadata": {"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab", "dateUpdated": "2026-04-22T16:04:11.611Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-22T17:50:48.419094Z", "id": "CVE-2026-6515", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-22T17:51:09.883Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-6515", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-22T17:50:48.419094Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-22T17:51:00.525Z"}}], "cna": {"title": "Insufficient Session Expiration in GitLab", "credits": [{"lang": "en", "type": "finder", "value": "This vulnerability has been discovered internally by GitLab team member David Fernandez"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"cpes": ["cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"], "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", "vendor": "GitLab", "product": "GitLab", "versions": [{"status": "affected", "version": "18.2", "lessThan": "18.9.6", "versionType": "semver"}, {"status": "affected", "version": "18.10", "lessThan": "18.10.4", "versionType": "semver"}, {"status": "affected", "version": "18.11", "lessThan": "18.11.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Upgrade to versions 18.9.6, 10.10.4, 18.11.1 or above."}], "references": [{"url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/595993"}, {"url": "https://about.gitlab.com/releases/2026/04/22/patch-release-gitlab-18-11-1-released/"}], "descriptions": [{"lang": "en", "value": "GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed a user to use invalidated or incorrectly scoped credentials to access Virtual Registries under certain conditions."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-613", "description": "CWE-613: Insufficient Session Expiration"}]}], "providerMetadata": {"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab", "dateUpdated": "2026-04-22T16:04:11.611Z"}}}, "cveMetadata": {"cveId": "CVE-2026-6515", "state": "PUBLISHED", "dateUpdated": "2026-04-22T17:51:09.883Z", "dateReserved": "2026-04-17T13:33:58.292Z", "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "datePublished": "2026-04-22T16:04:11.611Z", "assignerShortName": "GitLab"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "matchCriteriaId": "290D3AC1-6A70-4070-98D0-A78A47B2AF59", "versionEndExcluding": "18.9.6", "versionStartIncluding": "18.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "11CFC80F-6935-49C1-B3C6-E6F80BE6A710", "versionEndExcluding": "18.9.6", "versionStartIncluding": "18.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "matchCriteriaId": "98D16D9B-6A45-45F3-934B-3ED95C8371BF", "versionEndExcluding": "18.10.4", "versionStartIncluding": "18.10.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "58B8096F-9D7B-403D-B685-E9D4FA24F3E5", "versionEndExcluding": "18.10.4", "versionStartIncluding": "18.10.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:18.11.0:*:*:*:community:*:*:*", "matchCriteriaId": "A6100523-821F-4F41-872D-AC5A60EECC19", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:18.11.0:*:*:*:enterprise:*:*:*", "matchCriteriaId": "C78F9577-CDD5-497B-A92F-3C578AC6709E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed a user to use invalidated or incorrectly scoped credentials to access Virtual Registries under certain conditions."}], "id": "CVE-2026-6515", "lastModified": "2026-04-23T20:18:22.383", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "cve@gitlab.com", "type": "Secondary"}]}, "published": "2026-04-22T17:16:44.923", "references": [{"source": "cve@gitlab.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://about.gitlab.com/releases/2026/04/22/patch-release-gitlab-18-11-1-released/"}, {"source": "cve@gitlab.com", "tags": ["Broken Link"], "url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/595993"}], "sourceIdentifier": "cve@gitlab.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-613"}], "source": "cve@gitlab.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[18.2,18.9.6)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[18.10,18.10.4)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[18.11,18.11.1)"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "GitLab", "source": "cna", "vendor": "GitLab"}, "product": "gitlab", "vendor": "gitlab"}], "analysis": {"en": {"generated_at": "2026-04-28T23:54:49.560162+00:00", "value": {"mitigation_remediation": ["Upgrade GitLab to version 18.9.6, 10.10.4, or 18.11.1 or later for both CE and EE", "Ensure that session expiration settings are correctly configured and enforced in the GitLab instance", "Review audit logs for unexpected or repeated access to Virtual Registries and consider additional monitoring or access controls"], "summary": {"action": "Apply Patch", "impact": "Unauthorized Access to Virtual Registries"}, "threat_synthesis": {"affected_systems": "GitLab Community and Enterprise Editions are affected. All releases from 18.2 through 18.9.5, 18.10 through 18.10.3, and 18.11 through 18.11.0 are vulnerable. These are the specific version ranges that must be checked before upgrading.", "description_and_impact": "The vulnerability stems from GitLab\u2019s insufficient session expiration, allowing an attacker to use invalidated or incorrectly scoped credentials to log in to Virtual Registries. This flaw enables unauthorized access to registry contents and potentially exposes sensitive artifacts. The weakness follows CWE-613, indicating a failure to properly enforce session lifetime, thus compromising the confidentiality of registry data.", "risk_and_exploitability": "The CVSS score of 5.4 places this flaw in the moderate category, and the EPSS score is < 1%, indicating an extremely low probability of exploitation. It is not listed in the CISA KEV catalog. The most plausible attack path requires an attacker to obtain or compromise a user\u2019s session token that has not yet expired; the flaw then allows that token to be reused, meaning that the exploit can be performed as a credential reuse attack. Based on the description, it is inferred that the attacker could exploit this by reusing a valid session without needing to reauthenticate. Because there is no remote code execution component, the impact is limited to unauthorized registry access, but the potential damage to data integrity and confidentiality is significant."}}}}, "created": "2026-04-22T18:30:23.753642+00:00", "updated": "2026-04-29T00:00:13.835340+00:00", "vendors": ["gitlab", "gitlab$PRODUCT$gitlab"]}