CVE-2026-3848 | GitLab Community Edition/Enterprise Edition up to 18.7.5/18.8.5/18.9.1 Import crlf injection

A vulnerability labeled as problematic has been found in GitLab Community Edition and Enterprise Edition up to 18.7.5/18.8.5/18.9.1. This vulnerability affects unknown code of the component Import. The manipulation results in crlf injection.

This vulnerability is known as CVE-2026-3848. It is possible to launch the attack remotely. No exploit is available.

The affected component should be upgraded.VulDB Recent EntriesRead More