{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T07:14:50.250","vulnerabilities":[{"cve":{"id":"CVE-2025-12664","sourceIdentifier":"cve@gitlab.com","published":"2026-04-08T23:16:56.200","lastModified":"2026-04-14T17:04:59.650","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.0 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an unauthenticated user to cause denial of service by sending repeated GraphQL queries."}],"metrics":{"cvssMetricV31":[{"source":"cve@gitlab.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"cve@gitlab.com","type":"Primary","description":[{"lang":"en","value":"CWE-1284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*","versionStartIncluding":"13.0.0","versionEndExcluding":"18.8.9","matchCriteriaId":"48E564F7-CB57-4A79-A921-BA28CF67C623"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*","versionStartIncluding":"18.9.0","versionEndExcluding":"18.9.5","matchCriteriaId":"5C4D8A99-6E70-4D55-9ACF-FF2620F070E0"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*","versionStartIncluding":"18.10.0","versionEndExcluding":"18.10.3","matchCriteriaId":"DBCB346F-0B28-458B-A453-29DA4B0E91FC"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"13.0.0","versionEndExcluding":"18.8.9","matchCriteriaId":"69D195DE-D52F-4794-84F8-B88A736360A0"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"18.9.0","versionEndExcluding":"18.9.5","matchCriteriaId":"3BA6A89D-D2C1-45B9-A8E8-64256816D880"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"18.10.0","versionEndExcluding":"18.10.3","matchCriteriaId":"BB2F3665-2451-4A4D-8538-93F540975F0E"}]}]}],"references":[{"url":"https://about.gitlab.com/releases/2026/04/08/patch-release-gitlab-18-10-3-released/","source":"cve@gitlab.com","tags":["Vendor Advisory","Release Notes"]},{"url":"https://gitlab.com/gitlab-org/gitlab/-/work_items/579376","source":"cve@gitlab.com","tags":["Broken Link"]},{"url":"https://hackerone.com/reports/3377091","source":"cve@gitlab.com","tags":["Permissions Required"]}]}}]}