GitLab Releases Critical Patch Updates to Address Multiple High-Severity Vulnerabilities

GitLab released patch updates 18.8.2, 18.7.2, and 18.6.4 for Community and Enterprise Editions to remediate multiple security vulnerabilities and stability issues, and administrators of self-managed instances are strongly advised to upgrade immediately. The updates fix several high-severity flaws, including CVE-2025-13927 (Jira Connect DoS), CVE-2025-13928 (Releases API DoS), and CVE-2026-0723 (2FA bypass), and may require database migrations that can cause downtime on single-node installations.

Key Points

  • Patch releases 18.8.2, 18.7.2, and 18.6.4 are available for GitLab Community Edition and Enterprise Edition.
  • The updates remediate multiple high-severity CVEs, including CVE-2025-13927, CVE-2025-13928, and CVE-2026-0723.
  • GitLab.com is already on the patched versions and GitLab Dedicated customers do not need to take action.
  • Self-managed upgrades may require database migrations that cause downtime on single-node installs; multi-node deployments can use zero-downtime procedures.
  • Additional bug fixes address CI jobs, Sidekiq behavior, Git LFS throttling, Wiki redirects, and other platform stability issues.

Read More: https://thecyberexpress.com/gitlab-patch-release-security-vulnerabilities/