A now-patched critical RCE vulnerability in GitLab’s web interface is being actively exploited in the wild, rendering a large number of internet-facing GitLab instances susceptible to attacks.
Source: cyware.com