Platform: gitlab
Component: gitlab
Fixed in: 18.8.7, 18.9.3, 18.10.1
CVE-2026-1724 describes a vulnerability in GitLab EE that allows unauthenticated users to potentially access API tokens associated with self-hosted AI models. This improper access control could lead to unauthorized access and misuse of these tokens. The vulnerability impacts GitLab EE versions 18.5 through 18.10.1, as well as 18.9 before 18.9.3. A fix is available in GitLab 18.10.1.
Successful exploitation of CVE-2026-1724 could allow an attacker to gain unauthorized access to API tokens used by GitLab's self-hosted AI models. These tokens grant access to the underlying AI services, potentially enabling the attacker to perform actions on behalf of the GitLab instance. The impact could range from data exfiltration and model manipulation to denial of service, depending on the permissions associated with the compromised tokens. While the vulnerability is not directly exploitable for remote code execution, the access to AI model tokens represents a significant security risk, particularly in environments where these models handle sensitive data or perform critical operations. The blast radius is limited to the GitLab instance and its associated AI models, but the potential for misuse warrants immediate attention.
CVE-2026-1724 was publicly disclosed on March 25, 2026. There is currently no indication of active exploitation in the wild, and no public proof-of-concept (PoC) code has been released. The vulnerability is not currently listed on the CISA KEV catalog. Given the lack of public exploits and the relatively low CVSS score, the probability of exploitation is considered low to medium.
Exploit Status
EPSS: 0.03% (7th percentile)
The primary mitigation for CVE-2026-1724 is to upgrade GitLab EE to version 18.10.1 or later. This version includes the necessary access control fixes to prevent unauthorized token access. If upgrading immediately is not feasible, consider reviewing and restricting access to the AI model API endpoints using GitLab's built-in access control mechanisms. Implement stricter authentication and authorization policies for all API requests. Monitor GitLab logs for any suspicious activity related to API token usage. After upgrading, confirm the fix by attempting to access the AI model API endpoints without authentication and verifying that access is denied.
Update GitLab to version 18.8.7, 18.9.3 or 18.10.1, or a later version that contains the fix for this vulnerability. This will prevent unauthenticated users from accessing API tokens of self-hosted AI models.
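As an added example (not from the advisory or from GitLab), a branch-aware version check for the post-upgrade verification described above: it treats the fix versions 18.8.7, 18.9.3 and 18.10.1 as per-branch patch releases and 18.5 as the first affected release, so an 18.9.2 instance is still flagged even though it sorts above 18.8.7, and 18.5 to 18.7 instances are flagged because no patch release exists on those branches. GET /api/v4/version is GitLab's real version endpoint (it requires an authenticated token); GITLAB_URL and GITLAB_TOKEN are assumed environment variable names.

```python
# Post-upgrade check for CVE-2026-1724 (added example, not GitLab's own code).
# Fix versions from the advisory: 18.8.7, 18.9.3, 18.10.1; first affected: 18.5.
import json
import os
import re
import urllib.request

FIRST_AFFECTED = (18, 5, 0)
FIXED_VERSIONS = [(18, 8, 7), (18, 9, 3), (18, 10, 1)]

def parse_version(text: str) -> tuple:
    """Turn '18.9.2-ee' into (18, 9, 2); the edition suffix is ignored."""
    m = re.match(r"^\s*(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised GitLab version: {text!r}")
    return tuple(int(x) for x in m.groups())

def is_vulnerable(version: str) -> bool:
    """True if this version still lacks the fix. Branch-aware: 18.9.2 is
    vulnerable although it sorts above 18.8.7, since 18.9 is fixed from 18.9.3."""
    v = parse_version(version)
    if v < FIRST_AFFECTED:
        return False  # predates the affected code
    branch = v[:2]
    same_branch = [f for f in FIXED_VERSIONS if f[:2] == branch]
    if same_branch:
        return v < same_branch[0]  # below the patch release on this branch?
    # Branches newer than the last patched one ship with the fix; older
    # branches (18.5 to 18.7) have no patch release, so they stay vulnerable.
    return branch < max(f[:2] for f in FIXED_VERSIONS)

def version_from_api_response(body: str) -> str:
    """Pull the version string out of a GET /api/v4/version JSON body."""
    return json.loads(body)["version"]

def fetch_version(base_url: str, token: str) -> str:
    """Query a live instance; /api/v4/version needs an authenticated token."""
    req = urllib.request.Request(f"{base_url.rstrip('/')}/api/v4/version",
                                 headers={"PRIVATE-TOKEN": token})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return version_from_api_response(resp.read().decode())

if __name__ == "__main__":
    # GITLAB_URL / GITLAB_TOKEN are assumed env var names; without them a
    # constructed sample body stands in for a live instance.
    url, token = os.environ.get("GITLAB_URL"), os.environ.get("GITLAB_TOKEN")
    sample = '{"version": "18.9.2-ee", "revision": "0000000"}'  # constructed
    ver = fetch_version(url, token) if url and token else version_from_api_response(sample)
    print(ver, "VULNERABLE, upgrade" if is_vulnerable(ver) else "patched")
```

Run it with the two environment variables set to check a real instance; without them it evaluates the constructed sample body.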
CVE-2026-1724 is a medium-severity vulnerability in GitLab EE allowing unauthenticated users to access API tokens for self-hosted AI models due to improper access controls.
You are affected if you are running GitLab EE versions 18.5 through 18.10.1, or 18.9 before 18.9.3.
Upgrade GitLab EE to version 18.10.1 or later to remediate the vulnerability. Review and restrict access to AI model API endpoints.
There is currently no indication of active exploitation in the wild or publicly available proof-of-concept code.
Refer to the official GitLab security advisory for CVE-2026-1724 on the GitLab website.