PT-2026-40853 · Gitlab · Gitlab Ce/Ee

CVE-2025-13874

·

Published

2026-05-14

·

Updated

2026-05-18

CVSS v3.1

4.3

Medium

VectorAV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 15.1 through 18.9.6 GitLab CE/EE versions 18.10 through 18.10.5 GitLab CE/EE versions 18.11 through 18.11.2
Description An issue exists where an authenticated user with Guest permissions can view issues in projects they are not authorized to access.
Recommendations Update GitLab CE/EE to version 18.9.7 or later. Update GitLab CE/EE to version 18.10.6 or later. Update GitLab CE/EE to version 18.11.3 or later.

Exploit

Fix

IDOR

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

BDU:2026-07008
BIT-GITLAB-2025-13874
CVE-2025-13874

Affected Products

Gitlab Ce/Ee