CVE-2026-1868 CRITICAL

CVE-2026-1868: Improper Neutralization of Special Elements Used in a Template Engine in GitLab AI Gateway

Vendor Gitlab
Product GitLab AI Gateway
Weakness CWE-1336
Published February 9, 2026
Last update February 9, 2026

CVSS base score

9.9/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

GitLab has remediated a vulnerability in the Duo Workflow Service component of GitLab AI Gateway affecting all versions of the AI Gateway from 18.1.6, 18.2.6, 18.3.1 to 18.6.1, 18.7.0, and 18.8.0 in which AI Gateway was vulnerable to insecure template expansion of user supplied data via crafted Duo Agent Platform Flow definitions. This vulnerability could be used to cause Denial of Service or gain code execution on the Gateway. This has been fixed in versions 18.6.2, 18.7.1, and 18.8.1 of the GitLab AI Gateway.

Key dates

02Disclosure timeline

February 9, 2026 CVE published
February 9, 2026 Record updated

Related vulnerabilities

04Related CVE