PT-2025-39627 · Gitlab · Gitlab Ce/Ee

Published 2025-09-25 · Updated 2025-10-01

CVE-2025-7691

CVSS v2.0: 9.0 (High)

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

GitLab EE versions 16.6 through 18.2.6
GitLab EE versions 18.3 through 18.3.2
GitLab EE versions 18.4 through 18.4.0

Description

A privilege escalation issue exists in GitLab EE. A developer possessing specific group management permissions may be able to escalate their privileges and gain unauthorized access to system capabilities.

Recommendations

Update GitLab EE to version 18.2.7 or later.
Update GitLab EE to version 18.3.3 or later.
Update GitLab EE to version 18.4.1 or later.

Exploit

Fix

LPE

Weakness Enumeration

Related Identifiers

BDU:2025-12404
BIT-GITLAB-2025-7691
CVE-2025-7691

Affected Products

Gitlab Ce/Ee