GitLab patches major security flaw - here's what we know

News
By published

A new patch fixes six important GitLab flaws

Isometric demonstrating multi-factor authentication using a mobile device.
(Image credit: Shutterstock)
  • GitLab patched CVE-2026-0723, a flaw allowing 2FA bypass and account takeover
  • Additional DoS vulnerabilities in authentication, API endpoints, Wiki, and SSH were also fixed
  • GitLab urges immediate upgrades; ~6,000 exposed CE instances remain potential targets

GitLab fixed a high-severity vulnerability in its Community Edition and Enterprise Edition (CE/EE) versions allowed threat actors to bypass two-factor authentication and potentially take over people’s accounts.

"GitLab has remediated an issue that could have allowed an individual with existing knowledge of a victim's credential ID to bypass two-factor authentication by submitting forged device responses," the company said in a security advisory.

As it explained, the vulnerability was due to unchecked return value in GitLab’s authentication services. As a result, the attackers are able to work around 2FA for victims whose IDs they knew in advance.

Weird campaign

The bug is now tracked as CVE-2026-0723 and was given a high severity score (7.4/10).

It was fixed in versions 18.8.2, 18.7.2, 18.6.4, of CE/EE.

In the same patch, GitLab also fixed two additional bugs that allowed attackers to mount denial-of-service (DoS) attacks by sending custom-tailored requests with malformed authentication data, and abusing incorrect authorization validation in API endpoints.

These two flaws are tracked as CVE-2025-13927, and CVE_2025.13928, and affect both CE and EE versions.

GitLab also patched two DoS flaws that can be triggered by configuring malformed Wiki documents and sending repeated malformed SSH authentication requests. These two are now tracked as CVE-2025-13335 and CVE-2026- 1102.

Speaking about the latest patch, GitLab urged users to apply it without hesitation:

"These versions contain important bug and security fixes, and we strongly recommend that all self-managed GitLab installations be upgraded to one of these versions immediately," GitLab explained. "GitLab.com is already running the patched version. GitLab Dedicated customers do not need to take action."

Citing Shadowserver data, BleepingComputer says there are currently around 6,000 GitLab CE instances exposed online, suggesting that the target landscape is rather large.

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.