VDB

CVE-2025-12716

CVE-2025-12716 PUBLISHED

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.4 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that, under certain conditions could have allowed an authenticated user to perform unauthorized actions on behalf of another user by creating wiki pages with malicious content.

EPSS 0.05% · 16.5th percentile

Risk Scores

EPSS Score
0.05%
16.5th percentile

Affected Products

VendorProductVersions
Bitnamigitlab18.4.0, 18.6.0, 18.5.0
Bitnamigitlab18.4.0, 18.5.0, 18.6.0

Timeline

  • Dec 11, 2025 CVE Published
  • Dec 11, 2025 EPSS Score
  • Dec 11, 2025 PoC Published
  • Dec 11, 2025 PoC Published
  • Dec 11, 2025 PoC Published
  • Dec 15, 2025 EPSS Score
  • Dec 19, 2025 EPSS Score
  • Dec 23, 2025 EPSS Score
  • Dec 28, 2025 EPSS Score
  • Jan 1, 2026 EPSS Score
  • Jan 5, 2026 EPSS Score
  • Jan 9, 2026 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›