GitLab EE Privilege Escalation Vulnerability

Vulnerability

A privilege escalation vulnerability has been identified in GitLab EE, affecting all versions from 16.6 prior to 18.2.7, 18.3 prior to 18.3.3, and 18.4 prior to 18.4.1. This vulnerability could have allowed a developer with certain group management permissions to escalate privileges and gain unauthorized access to additional system capabilities.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing users to access additional system capabilities they should not have.

Added: Sep 26, 2025, 9:25 AM

Updated: Sep 26, 2025, 2:54 PM

Vulnerability Rating

Custom Algorithm

spread

7.3

impact

5.0

exploitability

5.2

remediation

0.0

relevance

0.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.3

impact

5.0

exploitability

5.2

remediation

0.0

relevance

0.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

GitLab EE Privilege Escalation Vulnerability

Vulnerability

Impact

Affected Products

GitLab

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating