CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions from 17.11 before 17.11.4 and 18.0 before 18.0.2. A missing authorization check may have...

9.9CVSS5.9AI score0.00103EPSS

Exploits0References2

Tenable Nessus•added 2025/08/26 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2025-5846

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab EE affecting all versions from 16.10 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed...

4.3CVSS5.5AI score0.00065EPSS

Exploits0References2

OSV•added 2025/06/30 3:16 p.m.•4 views

BIT-GITLAB-2025-5846 Missing Authorization in GitLab

An issue has been discovered in GitLab EE affecting all versions from 16.10 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users to assign unrelated compliance frameworks to projects by sending crafted GraphQL mutations that bypassed...

4.3CVSS5.6AI score0.00065EPSS

Exploits0References2

RedhatCVE•added 2025/06/28 6:19 a.m.•9 views

CVE-2025-5846

4.3CVSS5.7AI score0.00065EPSS

Exploits0References1

OSV•added 2025/06/26 6:15 a.m.•0 views

UBUNTU-CVE-2025-5846

4.3CVSS5.8AI score0.00065EPSS

Exploits0References2

Vulnrichment•added 2025/06/26 5:31 a.m.•4 views

CVE-2025-5846 Missing Authorization in GitLab

2.7CVSS6.6AI score0.00065EPSS

Exploits0References1

CVE•added 2025/06/26 5:31 a.m.•24 views

CVE-2025-5846

CVE-2025-5846 (GitLab EE) affects GitLab Enterprise Edition prior to 17.11.5, 18.0 prior to 18.0.3, and 18.1 prior to 18.1.1. The issue allows authenticated users to assign unrelated compliance frameworks to projects by sending crafted GraphQL mutations that bypass framework-specific permission c...

4.3CVSS6.4AI score0.00065EPSS

Exploits0References1Affected Software1

OSV•added 2025/06/26 5:31 a.m.•3 views

CVE-2025-5846 Missing Authorization in GitLab

2.7CVSS6.3AI score0.00065EPSS

Exploits0References4

Positive Technologies•added 2025/06/25 12:0 a.m.•1 views

PT-2025-26939 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab EE versions 16.10 through 17.11.4 GitLab EE versions 18.0 through 18.0.2 GitLab EE versions 18.1 through 18.1.0 Description: An issue has been discovered that could have allowed authenticated users to assign unrelated compliance...

4.3CVSS6AI score0.00065EPSS

Exploits0References13

RedhatCVE•added 2025/06/23 8:39 a.m.•2 views

CVE-2025-5121

An issue has been discovered in GitLab CE/EE affecting all versions from 17.11 before 17.11.4 and 18.0 before 18.0.2. A missing authorization check may have allowed compliance frameworks to be applied to projects outside the compliance framework's group...

9.9CVSS6.8AI score0.00103EPSS

Exploits0References1

OSV•added 2025/06/20 6:15 p.m.•0 views

UBUNTU-CVE-2025-5121

9.9CVSS5.7AI score0.00103EPSS

Exploits0References4

OSV•added 2025/06/20 5:12 p.m.•3 views

CVE-2025-5121 Missing Authorization in GitLab

8.5CVSS6.7AI score0.00103EPSS

Exploits0References5

RedhatCVE•added 2025/06/14 11:2 a.m.•2 views

CVE-2025-5195

An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. It was possible for authenticated users to access arbitrary compliance frameworks, leading to unauthorized data disclosure...

4.3CVSS4.6AI score0.00031EPSS

Exploits1References1

OSV•added 2025/06/14 6:15 a.m.•3 views

BIT-GITLAB-2025-5195 Authorization Bypass Through User-Controlled Key in GitLab

4.3CVSS4.5AI score0.00031EPSS

Exploits1References2