CVE-2025-2246 – GitLab Unauthenticated GraphQL API Access Vulnerability

CVE ID : CVE-2025-2246

Published : Aug. 27, 2025, 8:15 p.m. | 26 minutes ago

Description : An issue has been discovered in GitLab CE/EE affecting all versions before 18.1.5, 18.2 before 18.2.5, and 18.3 before 18.3.1 that could have allowed unauthenticated users to access sensitive manual CI/CD variables by querying the GraphQL API.

Severity: 5.8 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…