EUVD-2025-197696

GitLab has remediated an issue in GitLab EE affecting all versions from 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated user to gain CSRF tokens by exploiting improper input validation in repository references combined with redirect handling weaknesses...

UBUNTU-CVE-2025-11865

An issue has been discovered in GitLab EE affecting all versions from 18.1 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that, under certain circumstances, could have allowed an attacker to remove Duo flows of another user...

PT-2025-47048

Name of the Vulnerable Software and Affected Versions GitLab EE versions 18.4 through 18.4.3 GitLab EE versions 18.5 through 18.5.1 Description An authenticated user could obtain CSRF tokens due to improper input validation in repository references and redirect handling weaknesses. The issue...

Visual Studio 2026 Security Update (18.4.4)

This security update applies to all editions of Visual Studio 2026, and will update client machines on the Stable channel to version 18.4.4. The client machines must be enabled to receive this administrator update, and by default Visual Studio must be closed on the client in order for the update ...