GitLab — Vulnerabilities
Description

GitLab reports:

- CVE-2025-25291 and CVE-2025-25292 (third party gem ruby-saml)
- CVE-2025-27407 (third party gem graphql)
- Denial of Service Due to Inefficient Processing of Untrusted Input
- Credentials disclosed when repository mirroring fails
- Denial of Service Vulnerability in GitLab Approval Rules due to Unbounded Field
- Internal Notes in Merge Requests Are Emailed to Non-Members Upon Review Submission
- Maintainer can inject shell code in Google integrations
- Guest with custom Admin group member permissions can approve the users invitation despite user…
