CVE-2026-9694 | GitLab Community Edition/Enterprise Edition up to 18.10.7/18.11.4/19.0.1 Service Desk Email Reply substitution character

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 18.10.7/18.11.4/19.0.1. It has been rated as problematic. The impacted element is an unknown function of the component Service Desk Email Reply Handler. Performing a manipulation results in improper neutralization of substitution characters.

This vulnerability is reported as CVE-2026-9694. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is advised.VulDB Recent EntriesRead More