CVE-2025-11340: 
GitLab vulnerability analysis and mitigation

GitLab has identified and remediated a high-severity vulnerability (CVE-2025-11340) affecting GitLab Enterprise Edition (EE) versions from 18.3 to 18.3.4 and 18.4 to 18.4.2. The vulnerability was discovered internally by GitLab team member Brian Williams and was disclosed on October 8, 2025. This security issue impacts the GraphQL mutations functionality in GitLab EE, potentially affecting organizations using these specific versions of the software (GitLab Release, NVD).

The vulnerability has been assigned a CVSS v3.1 base score of 7.7 (High) with the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N. The issue stems from incorrectly scoped GraphQL mutations that could allow authenticated users with read-only API tokens to perform unauthorized write operations on vulnerability records. The vulnerability is classified under CWE-863 (Incorrect Authorization) (GitLab Release).

The vulnerability enables authenticated users with read-only API tokens to perform unauthorized write operations on vulnerability records, potentially compromising the integrity of security-related data within affected GitLab Enterprise Edition installations (GitLab Release).

GitLab has released patches in versions 18.4.2, 18.3.4, and 18.2.8 to address this vulnerability. Organizations running affected versions are strongly advised to upgrade immediately to one of these patched versions. GitLab.com is already running the patched version, and GitLab Dedicated customers do not need to take action (GitLab Release, GBHackers).