CVE-2025-11702: 
GitLab vulnerability analysis and mitigation

GitLab has disclosed a high-severity vulnerability (CVE-2025-11702) affecting GitLab Enterprise Edition (EE). The vulnerability impacts all versions from 17.1 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1. This improper access control issue in the runner API was discovered and reported through GitLab's HackerOne bug bounty program by researcher iamgk808 (GitLab Patch).

The vulnerability has been assigned a CVSS score of 8.5 (High) with the following vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H. The flaw exists in the runner API component of GitLab EE, where improper access control mechanisms could allow privilege escalation. The vulnerability requires network access and low privileges but no user interaction to exploit (GitLab Patch).

If successfully exploited, this vulnerability allows an authenticated user with specific permissions to hijack project runners from other projects within the same GitLab instance. This could enable attackers to gain control over build infrastructure, intercept CI/CD secrets, or inject malicious code into automated pipelines, representing a critical risk for enterprises running shared runners across multiple projects (Security Online).

GitLab has released security patches in versions 18.5.1, 18.4.3, and 18.3.5 for Enterprise Edition. Organizations are strongly advised to upgrade to these patched versions immediately. GitLab.com is already running the patched version, and GitLab Dedicated customers do not need to take action (GitLab Patch).