CVE-2025-25291: GitLab SAML Authentication Bypass

CRITICAL
9.8CRITICAL
Published: 2025-03-12Affected: GitLab CE/EE with ruby-saml < 1.17.0CWE-287

Can GitLab SAML authentication be bypassed?

An authentication bypass in GitLab via a parser differential in ruby-saml. Attackers can craft SAML responses that bypass signature verification, allowing login as any user including administrators without valid credentials.

Impact & Exploitation

Affects GitLab instances with SAML SSO enabled. Enables complete account takeover including admin access. Source code theft, CI/CD pipeline compromise, and supply chain attacks.

How Precogs AI Detects GitLab SAML Authentication Bypass

Precogs AI detects SAML parsing vulnerabilities in compiled authentication libraries, identifying XML parser differentials that enable signature bypass.

Scan for CVE-2025-25291

Related Resources

🔍 Related CWE Entries

📋 OWASP Top 10

📖 Security Guides

🛡️ Notable Vulnerabilities

🔗 External References

Precogs Logo

Precogs Research

This vulnerability intelligence report was analyzed and enriched by the Precogs AI Security Team. Our researchers continuously monitor emerging threats across AI code, LLM pipelines, and binary architectures to ensure accurate real-time remediation guidance.

Base Score

CVSS9.8
SeverityCRITICAL
CWECWE-287
Published2025-03-12

Tags

gitlabsamlauth-bypasssupply-chain

Quick Links

Is your system affected?

Precogs AI detects GitLab SAML Authentication Bypass in compiled binaries and firmware — even without source code.

Request Deep Analysis