GitLab has disclosed and patched a critical vulnerability, tracked as CVE-2026-1868, in the Duo Workflow Service component of the GitLab AI Gateway. Affected AI Gateway releases are all versions from 18.1.6, 18.2.6 and 18.3.1 up to and including 18.6.1, plus 18.7.0 and 18.8.0. The root cause is insecure template expansion of user-supplied data: content from a crafted Duo Agent Platform Flow definition is processed by the template engine instead of being treated as inert data. Depending on the payload, the outcome ranges from denial of service (DoS) against the Gateway to code execution on it.
The vulnerability carries a CVSS base score of 9.9 (Critical). It was publicly disclosed on February 9, 2026; organizations running the GitLab AI Gateway should establish immediately whether any deployment is on an affected version.
The fix ships in GitLab AI Gateway 18.6.2, 18.7.1 and 18.8.1. Patching is the only complete remediation, so security teams should first confirm which AI Gateway version each deployment runs and then update every affected instance without delay; an unpatched Gateway remains exposed to both denial of service and code execution.
Vulnerability Details
Exploitation needs only low privileges and low attack complexity, with no user interaction: an authenticated, low-privileged attacker who can submit a crafted Flow definition has everything required. Confidentiality, integrity and availability impacts are all rated high. If the 9.9 is a CVSS v3.1 base score, these metrics reach that value only with a network attack vector and a changed scope, meaning the impact is judged to extend beyond the component that performs the template expansion.
Technical Analysis
The vulnerability is classified as CWE-1336, Improper Neutralization of Special Elements Used in a Template Engine, better known as server-side template injection (SSTI). The defining mistake is handing attacker-controlled text to the template engine as template source, so that directives inside it are evaluated instead of being emitted verbatim. Free-text fields of an agent Flow definition are a natural place for this to happen, because such fields are commonly interpolated into prompts. The two outcomes the advisory names follow the usual SSTI shapes: a directive that builds an enormous loop or string exhausts the worker (DoS), while one that walks from a rendered value's attributes to the interpreter's own objects reaches code execution.
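The pattern in concrete form, as an added example that is not GitLab code and does not reproduce the Duo Workflow Service: a hypothetical flow definition's `goal` field is rendered three ways with Jinja2, the template engine a Python service would typically use. The schema, field names, payloads and the `render_*` functions are constructed for illustration; `pip install jinja2` is required.

```python
"""CWE-1336 in a prompt-rendering path: vulnerable, sandboxed and fixed variants.

Added illustration, not GitLab code. The Duo Workflow Service internals are
not reproduced; the 'flow definition' schema below is hypothetical and exists
only to show the three ways a service can treat user-supplied text.
Requires: pip install jinja2
"""
from jinja2 import Environment, StrictUndefined
from jinja2.exceptions import SecurityError
from jinja2.sandbox import SandboxedEnvironment

# Constructed, hostile flow definition (hypothetical schema). The 'goal'
# field should be opaque data, but it carries Jinja2 syntax: a variable
# reference plus an attribute walk that starts from an empty string literal.
HOSTILE_FLOW = {
    "name": "triage",
    "goal": "Summarise issue {{ issue_id }}. "
            "{{ ''.__class__.__mro__[1].__name__ }}",
}

# Constructed payload that aims to exhaust the worker rather than run code.
DOS_GOAL = "{% for _ in range(10**9) %}x{% endfor %}"

# Variables the service itself supplies at render time (constructed).
SERVICE_CONTEXT = {"issue_id": 42}


def render_unsafe(flow: dict, ctx: dict) -> str:
    """Vulnerable pattern: the user's text *is* the template source.

    Every {{ }} and {% %} in the flow is executed by the engine. The attribute
    walk resolves to the builtin 'object' type; from there the well-known SSTI
    chains reach the interpreter's modules. Never feed DOS_GOAL through this.
    """
    env = Environment(undefined=StrictUndefined)
    return env.from_string(flow["goal"]).render(**ctx)


def render_sandboxed(flow: dict, ctx: dict) -> str:
    """Defence in depth: the same mistake, but under SandboxedEnvironment.

    The sandbox refuses private/dunder attribute access (SecurityError) and
    caps range() (OverflowError), so both payloads are stopped. It is still
    the wrong architecture: user text should never become template source.
    """
    env = SandboxedEnvironment(undefined=StrictUndefined)
    try:
        return env.from_string(flow["goal"]).render(**ctx)
    except (SecurityError, OverflowError) as exc:
        return f"rejected: {type(exc).__name__}"


# The service owns the template; user text enters only as a variable.
PROMPT_TEMPLATE = "Goal: {{ goal }}\nIssue: {{ issue_id }}"


def render_as_data(flow: dict, ctx: dict) -> str:
    """Fix: a fixed, service-owned template; the flow's text is a value.

    Template syntax inside the value is emitted verbatim because it is never
    parsed. Keeping the sandbox as well costs nothing and guards against a
    future template that accidentally re-introduces user text as source.
    """
    env = SandboxedEnvironment(undefined=StrictUndefined)
    return env.from_string(PROMPT_TEMPLATE).render(goal=flow["goal"], **ctx)


if __name__ == "__main__":
    print("unsafe     :", render_unsafe(HOSTILE_FLOW, SERVICE_CONTEXT))
    print("sandboxed  :", render_sandboxed(HOSTILE_FLOW, SERVICE_CONTEXT))
    print("dos+sandbox:", render_sandboxed({"goal": DOS_GOAL}, SERVICE_CONTEXT))
    print("as data    :", render_as_data(HOSTILE_FLOW, SERVICE_CONTEXT))
```

The unsafe variant prints `object` where the flow author wrote an attribute walk, which is the foothold every public Jinja2 SSTI chain builds on. The sandbox turns both payloads into exceptions, but it is a mitigation layered on a design flaw; the durable fix is `render_as_data`, where the service's own template is the only thing the engine ever parses.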
Risk & Impact Analysis
Every organization running an affected AI Gateway is in scope, so the blast radius is broad. The practical consequences are loss of the Gateway (DoS) and, in the code-execution case, an attacker-controlled foothold on a component that brokers AI feature requests and the repository and issue data they carry. Treat this as an immediate, out-of-cycle patch rather than routine maintenance.
Exploitation Status
| Signal | Status |
|---|---|
| Known Exploit | No |
| Public PoC | No |
| Actively Exploited | No |
| Ransomware Use | No |
Affected Versions
Affected GitLab AI Gateway releases:
- all versions from 18.1.6, 18.2.6 and 18.3.1 up to and including 18.6.1
- 18.7.0
- 18.8.0
Fixed releases are 18.6.2, 18.7.1 and 18.8.1. Versions outside these lists (for example earlier point releases of 18.1, 18.2 or 18.3) are not covered by the ranges above; confirm their status against GitLab's advisory rather than assuming they are safe.
Mitigation & Remediation
Apply the fixed AI Gateway releases (18.6.2, 18.7.1 or 18.8.1) as the primary remediation. Where that cannot happen immediately: restrict network access to the AI Gateway to the GitLab instance and clients that genuinely need it; because the attack vector is a crafted Flow definition, limit who can author or import Duo Agent Platform flows in the interim; and review existing flow definitions for template syntax that has no business being there. Monitor the Gateway for the indicators in the next section until the patch lands.
Detection Guidance
Useful signals: unexpected crashes or restarts of the Duo Workflow Service (a DoS payload typically drives memory or CPU exhaustion); render errors or timeouts attributable to a specific flow execution; and, on the Gateway host, new child processes or outbound connections the service does not normally make, since a code-execution payload usually needs one of those to do anything useful. The flow definitions themselves are the most direct artifact: a field intended as plain text that contains template delimiters or attribute-walk syntax is a strong indicator and can be scanned retrospectively. Regular audits and timely patching remain the baseline.
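A retrospective scan of stored flow definitions, as an added example that is not GitLab tooling: it walks every string field of each exported flow and flags template delimiters, rating a hit higher when a dunder attribute walk accompanies them. The export format (one JSON flow per line), the field names and the sample flows are constructed for illustration; the real Duo Agent Platform export format is not reproduced here.

```python
"""Audit stored Flow definitions for template syntax in free-text fields.

Added example, not GitLab tooling. The flow schema is hypothetical: the walk
below treats any string value anywhere in the document as a candidate, so it
works on whatever shape a real export has. Standard library only.
"""
import json
import re
from typing import Iterator

# Jinja-style delimiters, plus the 'walk to a dunder attribute' idiom that
# code-execution SSTI payloads rely on. A legitimate prompt rarely has either.
TEMPLATE_SYNTAX = re.compile(r"\{\{|\{%|\{#|\}\}|%\}|#\}")
DUNDER_WALK = re.compile(r"__[a-zA-Z]+__")


def _walk(node, path: str = "$") -> Iterator[tuple[str, str]]:
    """Yield (json_path, string_value) for every string leaf in a document."""
    if isinstance(node, str):
        yield path, node
    elif isinstance(node, dict):
        for key, value in node.items():
            yield from _walk(value, f"{path}.{key}")
    elif isinstance(node, list):
        for idx, value in enumerate(node):
            yield from _walk(value, f"{path}[{idx}]")


def scan_flow(flow: dict) -> list[dict]:
    """Return one finding per string field that carries template syntax.

    Severity is 'high' when a dunder walk accompanies the delimiters (the
    code-execution shape), otherwise 'medium' (loop/DoS or plain injection).
    """
    findings = []
    for path, text in _walk(flow):
        if not TEMPLATE_SYNTAX.search(text):
            continue
        severity = "high" if DUNDER_WALK.search(text) else "medium"
        findings.append({"path": path, "severity": severity,
                         "snippet": text[:80]})
    return findings


def scan_export(ndjson: str) -> dict[str, list[dict]]:
    """Scan an export with one JSON flow per line; findings keyed by flow name."""
    report: dict[str, list[dict]] = {}
    for line in ndjson.splitlines():
        if not line.strip():
            continue
        flow = json.loads(line)
        hits = scan_flow(flow)
        if hits:
            report[flow.get("name", "<unnamed>")] = hits
    return report


# Constructed sample export (hypothetical schema): one benign flow whose
# single-brace placeholder must not trigger, one DoS-shaped loop, and one
# attribute walk buried in a nested step.
SAMPLE_EXPORT = "\n".join([
    json.dumps({"name": "benign", "goal": "Summarise the issue in two lines",
                "steps": [{"prompt": "Use {issue_id} for context"}]}),
    json.dumps({"name": "loop",
                "goal": "{% for _ in range(10**9) %}x{% endfor %}"}),
    json.dumps({"name": "walk", "goal": "Triage this",
                "steps": [{"prompt": "{{ ''.__class__.__mro__[1].__subclasses__() }}"}]}),
])

if __name__ == "__main__":
    for name, hits in scan_export(SAMPLE_EXPORT).items():
        for hit in hits:
            print(f"{name}: {hit['severity']:6} {hit['path']}  {hit['snippet']}")
```

Run it over a full export and triage the `high` findings first. If flows are legitimately allowed to contain templating in your deployment, key the alert on who authored the flow and whether that field is ever rendered, rather than on the delimiters alone, or the scan will drown in expected hits.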
AppSecure Threat Intelligence Insight
CVE-2026-1868 is an instance of a pattern that will recur as AI agent platforms mature: agent workflow and flow definitions are rich, user-authored documents whose free-text fields end up in prompt templates, and any path on which that text is rendered as template source rather than inserted as a value is a template-injection bug (CWE-1336). Security teams should treat agent definitions, prompt templates and tool configurations as untrusted input, with the same rigor applied to web request parameters.
To find similar weaknesses before disclosure, include server-side template injection test cases against every endpoint that accepts agent or flow definitions in penetration tests and code review.
For further insights on vulnerability management, organizations can refer to our vulnerability management program design guidelines.
Additionally, organizations should stay informed about the latest trends in security by reviewing our vulnerability exposure severity trends to identify potential areas of concern.
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.