ThreatCluster

CISA Alerts on Exploited GitLab SSRF Vulnerability in Community and Enterprise Editions

First seen 4 Feb 2026, 17:48 UTC GbhackersCybersecuritynews 94% similarity 30

Article Content

Browse articles
ThreatCluster

CISA has added a critical server-side request forgery (SSRF) vulnerability in GitLab Community and Enterprise editions, tracked as CVE-2021-39935, to its Known Exploited Vulnerabilities catalog. This vulnerability is currently being exploited by threat actors, posing risks to organizations using affected versions of GitLab. The vulnerability was added to the KEV list on February 3, 2026, indicating active exploitation.

ThreatCluster AI

Community

Browse all →