Categories: Cyber Security News

GitLab Patches Multiple Vulnerabilities Enabling Arbitrary Code Execution

Administrators of self-managed GitLab instances face urgent patching requirements after GitLab disclosed seven vulnerabilities affecting all supported deployment configurations.

The flaws span stored and reflected cross-site scripting, authorization bypass, denial of service, and information disclosure, and together pose significant risk to self-managed instances. The "code execution" in these advisories is script execution in a victim's browser via XSS, not server-side command execution.

The patched versions, GitLab 18.7.1, 18.6.3, and 18.5.5, address these security issues and have already been deployed on GitLab.com.

GitLab maintains a regular twice-monthly patch cycle alongside ad-hoc releases for critical issues, and the organization strongly recommends all customers maintain deployment on the latest available patch for their supported branch.

Vulnerability Summary

The newly released updates remediate flaws affecting core GitLab functionality, including GitLab Flavored Markdown, the Web IDE, Duo Workflows, AI GraphQL endpoints, import mechanisms, and runner management systems.

The most critical issues involve stored and reflected cross-site scripting attacks that could allow attackers to execute arbitrary JavaScript in users’ browsers.

Additional concerns include missing authorization controls in AI configuration workflows and insufficient access granularity for runner management operations.

CVE ID            CVSS v3.1     Description
CVE-2025-9222     8.7 (High)    Stored XSS via crafted Markdown placeholders, allowing script execution in victim browsers
CVE-2025-13761    8.0 (High)    Reflected XSS enabling unauthenticated attackers to execute script in authenticated users' browsers via crafted webpages
CVE-2025-13772    7.1 (High)    Missing authorization allowing users to access AI model settings from unauthorized namespaces
CVE-2025-13781    6.5 (Medium)  Missing authorization permitting modification of instance-wide AI provider settings
CVE-2025-10569    6.5 (Medium)  Authenticated denial of service via crafted responses to external API calls
CVE-2025-11246    5.4 (Medium)  Insufficient access control enabling users to remove project runners from unrelated projects
CVE-2025-3950     3.5 (Low)     Information disclosure leaking connection details via specially crafted images, bypassing the asset proxy

These vulnerabilities apply to all deployment types (omnibus packages, source installations, and Helm charts) unless an individual fix notes an exclusion, so effectively every self-managed environment requires immediate action.
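The first thing an administrator needs is a reliable answer to "is my instance on a fixed release?". The following script is an added example (not GitLab's own tooling) that compares a running version string against the fixed versions named in this advisory. It parses GitLab's version strings (edition suffixes such as "-ee" or "-ce" are ignored), maps the version to its supported branch, and reports whether that branch's fix is present. The optional fetch helper uses GitLab's real GET /api/v4/version endpoint, which requires a personal access token with read_api scope; the instance URL and token in the usage block are placeholders.

```python
"""Check whether a self-managed GitLab version includes the fixes from this
advisory (18.7.1, 18.6.3, 18.5.5).

Added example, not GitLab's own code. The fixed versions come from the
advisory; GET /api/v4/version is a real GitLab endpoint that returns
{"version": "...", "revision": "..."} and needs a token with read_api scope.
"""
import json
import re
import urllib.request

# Fixed versions named in the advisory, keyed by supported branch (major, minor).
FIXED_VERSIONS = {
    (18, 7): (18, 7, 1),
    (18, 6): (18, 6, 3),
    (18, 5): (18, 5, 5),
}

# GitLab reports versions like "18.7.0-ee" or "18.6.3-ce"; only the numeric
# triple matters for the comparison, so the edition suffix is dropped.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)")


def parse_version(version: str) -> tuple[int, int, int]:
    """Turn '18.7.0-ee' into (18, 7, 0); raise on anything unrecognised."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised GitLab version string: {version!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def assess(version: str) -> tuple[str, str]:
    """Return (status, advice) for a running version.

    status is one of:
      'patched'            - on a supported branch, at or above its fixed release
      'vulnerable'         - on a supported branch, below its fixed release
      'unsupported-branch' - older than the oldest branch the advisory fixes
      'newer-branch'       - on a branch released after the advisory
    """
    major, minor, patch = parse_version(version)
    branch = (major, minor)
    if branch in FIXED_VERSIONS:
        fixed = FIXED_VERSIONS[branch]
        fixed_str = ".".join(map(str, fixed))
        if (major, minor, patch) >= fixed:
            return "patched", f"{version} is at or above {fixed_str}"
        return "vulnerable", f"upgrade {version} to {fixed_str} or later"
    if branch > max(FIXED_VERSIONS):
        # A branch cut after the fixed releases should carry the fixes, but this
        # script cannot confirm that from the advisory alone: check its release notes.
        return "newer-branch", f"{version} post-dates this advisory; confirm against that branch's release notes"
    # 18.4 and earlier receive no security backports in this advisory.
    return "unsupported-branch", f"{version} is on an unsupported branch; upgrade to a supported branch at its fixed release"


def fetch_running_version(base_url: str, token: str, timeout: float = 10.0) -> str:
    """Ask a live instance for its version via GET /api/v4/version (network call)."""
    req = urllib.request.Request(
        f"{base_url.rstrip('/')}/api/v4/version",
        headers={"PRIVATE-TOKEN": token},
    )
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return json.load(resp)["version"]


if __name__ == "__main__":
    # Constructed sample versions covering each outcome; no network needed.
    for sample in ("18.7.0-ee", "18.7.1-ee", "18.6.2", "18.6.3-ce", "18.5.5", "18.4.9", "18.8.0"):
        status, advice = assess(sample)
        print(f"{sample:<12} {status:<19} {advice}")
    # Against a real instance (placeholder URL and token, assumptions):
    # print(assess(fetch_running_version("https://gitlab.example.com", "glpat-xxxx")))
```

Run the script as-is to see the decision table for the constructed versions; point `fetch_running_version` at your own instance with a read_api token to check the live value. Note that the API returns the application version only; the omnibus package and Helm chart versions must be checked separately if you pin those.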

The authorization flaws in Duo Workflows and AI GraphQL mutations could grant low-privileged users access to sensitive AI configurations outside their designated namespaces.

Additional concerns include a denial of service against import functionality, triggered by crafted responses to the external API calls imports make, and an information disclosure in Mermaid diagram rendering, where specially crafted images that bypass the asset proxy can leak connection details.

Collectively, these issues threaten the integrity of project data, the confidentiality of configuration data, and GitLab service availability.

Single-node instances should expect downtime during database migrations, whereas multi-node environments can use GitLab’s zero-downtime procedures to maintain service continuity.

GitLab advises all administrators to upgrade immediately to the latest patch version. Organizations should concurrently review documented security best practices, including patch management discipline, external access hardening, and monitoring for anomalous activity targeting the affected vulnerability vectors.

The post GitLab Patches Multiple Vulnerabilities Enabling Arbitrary Code Execution appeared first on Cyber Security News.
