The Advanced Woo Labels plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2
Description
The Advanced Woo Labels plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2
Remediation
Update WordPress plugin/theme to the latest version. Review WordPress security settings and remove if no longer needed.
---METADATA---
VENDOR: GitLab
PRODUCT: AI Gateway (Duo Workflow Service)
AFFECTED_VERSIONS: 18.1.6, 18.2.6, 18.3.1 to 18.6.1, 18.7.0, and 18.8.0
---END_METADATA---
Description Summary:
Insecure template expansion in GitLab AI Gateway allows attackers to cause a denial-of-service or execute arbitrary code via crafted Duo Agent definitions.
Executive Summary:
A critical vulnerability in the GitLab AI Gateway Duo Workflow Service permits remote code execution or denial-of-service via insecure template expansion.
Vulnerability Details
CVE-ID: CVE-2026-1868
Affected Software: GitLab AI Gateway
Affected Versions: 18.1.6, 18.2.6, 18.3.1 to 18.6.1, 18.7.0, and 18.8.0
Vulnerability: The AI Gateway component is vulnerable to insecure template expansion of user-supplied data through crafted Duo Agent Platform Flow definitions. An attacker can leverage this flaw to inject malicious code that the Gateway processes, leading to either a total system crash or arbitrary code execution.
Business Impact
A successful exploit could lead to the complete compromise of the AI Gateway, potentially exposing sensitive AI training data or integration secrets. The CVSS score of 9.9 indicates a near-maximum severity, reflecting the catastrophic potential for service downtime and unauthorized access to the underlying infrastructure.
Remediation Plan
Immediate Action: Update the GitLab AI Gateway to versions 18.6.2, 18.7.1, or 18.8.1 immediately.
Proactive Monitoring: Monitor the AI Gateway logs for unusual Duo Agent Platform Flow definitions or unexpected service restarts.
Compensating Controls: Ensure that the AI Gateway is deployed within a segmented network environment to limit the impact of a potential compromise.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of Feb 9, 2026, there is no public information indicating active exploitation. GitLab has proactively released patches, and the high CVSS score necessitates urgent attention from security teams.
Analyst Recommendation
Because this vulnerability allows for remote code execution on a high-value AI component, remediation should be the highest priority. Administrators must update to the fixed versions (18.6.2, 18.7.1, or 18.8.1) immediately to mitigate the risk of exploitation.