CVE-2025-14594 | GitLab Community Edition/Enterprise Edition up to 18.6.5/18.7.3/18.8.3 API authorization

Inserito da Angelo Barbosa | Feb 11, 2026 | CVE

A vulnerability identified as problematic has been detected in GitLab Community Edition and Enterprise Edition up to 18.6.5/18.7.3/18.8.3. This issue affects some unknown processing of the component API. Performing a manipulation results in authorization bypass.

This vulnerability is cataloged as CVE-2025-14594. It is possible to initiate the attack remotely. There is no exploit available.

You should upgrade the affected component.

CVE-2025-14594 | GitLab Community Edition/Enterprise Edition up to 18.6.5/18.7.3/18.8.3 API authorization

Post correlati

CVE-2024-51304 | Draytek Vigor 3900 1.5.1.3 mainfunction.cgi ldap_search_dn command injection

CVE-2024-30952 | PESCMS-TEAM 2.3.6 domain cross site scripting

CVE-2024-44945 | Linux Kernel up to 6.10.6 nfnetlink Privilege Escalation (3e03b536d945/d1a7b382a9d3)

CVE-2024-33471 | AVTECH Room Alert 4E 4.4.0 AJAX Request missing encryption