A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 18.10.7/18.11.4/19.0.1 . It has been rated as problematic . The impacted element is an unknown function of the component Service Desk Email Reply Handler . Performing a manipulation results in improper neutralization of substitution characters. This vulnerability is reported as CVE-2026-9694 . The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is advised.