CVE-2025-8770 | GitLab Enterprise Edition up to 18.0.5/18.1.3/18.2.1 Merge Request authorization (Issue 549105)

A vulnerability was found in GitLab Enterprise Edition up to 18.0.5/18.1.3/18.2.1. It has been declared as problematic. This vulnerability affects unknown code of the component Merge Request Handler. The manipulation leads to authorization bypass.

This vulnerability was named CVE-2025-8770. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More