CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

OSV•added 2025/11/20 9:3 a.m.•3 views

BIT-GITLAB-2025-11865 Incorrect Authorization in GitLab

An issue has been discovered in GitLab EE affecting all versions from 18.1 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that, under certain circumstances, could have allowed an attacker to remove Duo flows of another user...

5.3CVSS6.8AI score0.00017EPSS

Exploits0References3

Tenable Nessus•added 2025/11/18 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2025-11865

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab EE affecting all versions from 18.1 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that, under certain...

5.3CVSS5.5AI score0.00017EPSS

Exploits0References2

RedhatCVE•added 2025/11/17 7:3 a.m.•2 views

CVE-2025-11865

5.3CVSS6.9AI score0.00017EPSS

Exploits0References1

NVD•added 2025/11/15 8:15 a.m.•2 views

CVE-2025-11865

5.3CVSS0.00017EPSS

Exploits0References2

Cvelist•added 2025/11/15 8:3 a.m.•4 views

CVE-2025-11865 Incorrect Authorization in GitLab

4.3CVSS0.00017EPSS

Exploits0References2

CVE•added 2025/11/15 8:3 a.m.•35 views

CVE-2025-11865

GitLab EE contains an Incorrect Authorization issue (CVE-2025-11865) that could allow an attacker to remove Duo MFA flows belonging to another user. Affected versions are GitLab EE 18.1–18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2. The root cause is described as improper authorization check...

5.3CVSS6.5AI score0.00017EPSS

Exploits0References2Affected Software1

OSV•added 2025/11/15 8:3 a.m.•1 views

CVE-2025-11865 Incorrect Authorization in GitLab

4.3CVSS6.5AI score0.00017EPSS

Exploits0References5