InfoWorld

GitLab 2FA login protection bypass lets attackers take over accounts

The platform warns users of on-premises versions to upgrade to the latest versions; SaaS and web versions have been patched. A critical two-factor authentication bypass vulnerability in the Community ...
Bleeping Computer

GitLab warns of high-severity 2FA bypass, denial-of-service flaws

GitLab has patched a high-severity two-factor authentication bypass impacting community and enterprise editions of its software development platform. Tracked as CVE-2026-0723, this vulnerability stems ...
TechRepublic

Zoom and GitLab Patch RCE, DoS, and 2FA Bypass Vulnerabilities

Both platforms serve as backbone infrastructure for remote work and software development, making these flaws particularly dangerous for business continuity. Two of the world’s most critical business ...
Hosted on MSN

GitLab patches major security flaw - here's what we know

GitLab patched CVE-2026-0723, a flaw allowing 2FA bypass and account takeover Additional DoS vulnerabilities in authentication, API endpoints, Wiki, and SSH were also fixed GitLab urges immediate ...
TechRadar

GitLab has patched a host of worrying security issues

GitLab releases patch for nine flaws, including two critical severity ones The critical flaws allowed threat actors to bypass authentication and could lead to data exfiltration Patch is available now, ...
Bleeping Computer

Latest Two-factor Authentication news

GitLab has patched a high-severity two-factor authentication bypass impacting community and enterprise editions of its software development platform. Over 10,000 Internet-exposed Fortinet firewalls ...
IT News For Australia Business

GitLab fixes account takeover vulnerability

GitLab has patched a critical and trivial-to-exploit account takeover bug. The attack vector for CVE-2023-7028 is the password reset function. “User account password reset emails could be delivered to ...