What is the authoritative source for CVE-2026-11379?

CVE-2026-11379 (CVE-2026-11379) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

CVE-2026-11379

CVE-2026-11379CVE-2026-11379

Description

GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 prior to 18.11.6, 19.0 prior to 19.0.3, and 19.1 prior to 19.1.1 in which incorrect authorization in DAST site profile management could allow a user with Developer role to exfiltrate DAST site profile secrets under certain conditions.

Scoring

CVSS	5.3 ()
Vector	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Last modified	2026-06-25

Sourced from NVD. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.