CVE-2026-3857 | GitLab Community Edition/Enterprise Edition up to 18.8.6/18.9.2/18.10.0 GraphQL Mutation cross-site request forgery

A vulnerability classified as problematic has been found in GitLab Community Edition and Enterprise Edition up to 18.8.6/18.9.2/18.10.0. This affects an unknown part of the component GraphQL Mutation Handler. This manipulation causes cross-site request forgery.

This vulnerability appears as CVE-2026-3857. The attack may be initiated remotely. There is no available exploit.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More