CVE-2025-5846 | GitLab Enterprise Edition up to 17.11.4/18.0.2/18.1.0 GraphQL authorization

A vulnerability classified as problematic has been found in GitLab Enterprise Edition up to 17.11.4/18.0.2/18.1.0. Affected is an unknown function of the component GraphQL Handler. The manipulation leads to missing authorization.

This vulnerability is traded as CVE-2025-5846. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More