GitLab shipped security releases for Community Edition and Enterprise Edition covering versions 18.11.3, 18.10.6, and 18.9.7 on May 14, 2026. The release continues GitLab's practice of simultaneously patching all actively supported branches and follows a prior patch cycle from April 22 (18.11.1, 18.10.4, 18.9.6) — this is a distinct patch set addressing new CVEs on newer sub-versions. Self-managed GitLab deployments that have not yet upgraded are exposed to the vulnerabilities addressed in this release. GitLab-hosted (GitLab.com) users are automatically protected. Operators should consult the official release notes for affected CVE identifiers and upgrade as soon as possible.