Dark Reading

GitLab Warns of Max Severity Authentication Bypass Bug

Organizations with self-hosted GitLab instances configured for SAML-based authentication might want to update immediately to new versions of the DevOps platform that the company released this week.
heise online

Security vulnerabilities: Gitlab developers advise rapid update

According to a warning message, two vulnerabilities (CVE-2025-25291, CVE-2025-25292) are considered “critical”. However, systems are only vulnerable if authentication via SAML SSO is active and ...
Dark Reading

SAML Flaw Lets Hackers Assume Users' Identities

A newly discovered vulnerability lets attackers take advantage of single sign-on (SSO) systems relying on Security Assertion Markup Language (SAML) and authenticate as another user without knowing his ...