CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2026-1868

CVSS 9.9v3.1pub. 2026-02-09upd. 2026-04-15

GitLab has remediated a vulnerability in the Duo Workflow Service component of GitLab AI Gateway affecting all versions of the AI Gateway from 18.1.6, 18.2.6, 18.3.1 to 18.6.1, 18.7.0, and 18.8.0 in which AI Gateway was vulnerable to insecure template expansion of user supplied data via crafted Duo Agent Platform Flow definitions. This vulnerability could be used to cause Denial of Service or gain code execution on the Gateway. This has been fixed in versions 18.6.2, 18.7.1, and 18.8.1 of the GitLab AI Gateway.

🤖 AI Analysis
How it works

The vulnerability (CWE-1336) consists of the Duo Workflow Service component processing Duo Agent Platform Flow definitions provided by the user without proper input sanitization before their expansion in the template engine. An attacker can craft a malicious flow definition containing specially constructed template directives that will be executed in the AI Gateway context. This results in the ability to execute arbitrary code on the server or render it unavailable.

Impact

An attacker can gain full code execution (RCE) on the GitLab AI Gateway server or cause its unavailability (DoS). Due to the scope of the vulnerability (S:C in the CVSS vector), the impact may extend beyond the directly attacked component.

Mitigation & patch

GitLab AI Gateway should be updated to version 18.6.2, 18.7.1 or 18.8.1, in which the vulnerability has been removed. Details are available in the official vendor statement: https://about.gitlab.com/releases/2026/02/06/patch-release-gitlab-ai-gateway-18-8-1-released/

Who is affected

GitLab AI Gateway in all versions from 18.1.6, 18.2.6, 18.3.1 to 18.6.1, as well as versions 18.7.0 and 18.8.0.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
RCEDoSCI/CD
CWE
References