A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 18.9.6/18.10.5/18.11.2 . It has been declared as critical . Affected is an unknown function. Such manipulation leads to authentication bypass using alternate channel. This vulnerability is traded as CVE-2026-4524 . The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.