Critical GitLab Gateway Flaw CVE-2026-1868 Allows RCE

Critical GitLab Gateway Flaw CVE-2026-1868 Allows RCE

First seen 9 Feb 2026, 06:01 UTC Securityonline.InfoXPurple-Ops 88% similarity 72.8

Article Content

Browse articles
ThreatCluster

GitLab has patched a critical vulnerability identified as CVE-2026-1868, which has a CVSS score of 9.9. This flaw affects the self-hosted AI Gateway, allowing remote code execution (RCE) through insecure templates. Users of GitLab's self-hosted solutions are advised to apply the patch immediately.

ThreatCluster AI

Timeline

2026-02-08
GitLab patches CVE-2026-1868 critical flaw
Recent
Vulnerability allows RCE via insecure templates

Community

Browse all →