GitLab CE/EE Log Auth Token Leak (v13.2-18.4.5, 18.5-18.5.3, 18.6-18.6.1)
CVE-2025-13611 Published on November 26, 2025
Insertion of Sensitive Information into Log File in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.2 before 18.4.5, 18.5 before 18.5.3, and 18.6 before 18.6.1 that could have allowed an authenticated user with access to certain logs to obtain sensitive tokens under specific conditions.
Vulnerability Analysis
CVE-2025-13611 can be exploited with network access, and requires both user interaction and user privileges. This vulnerability is considered to have a high level of attack complexity. An exploit of this vulnerability is considered to have a small impact on confidentiality and a small impact on integrity and availability.
Weakness Type
Insertion of Sensitive Information into Log File
Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.
Products Associated with CVE-2025-13611
Affected Versions
GitLab:
- Versions from 13.2 before 18.4.5 are affected.
- Versions from 18.5 before 18.5.3 are affected.
- Versions from 18.6 before 18.6.1 are affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.