Can't invite non-member into confidential discussion
The confidential issues documentation mentions that “Confidential issues can be used by open source projects [...] to keep security vulnerabilities private[ or prevent surprises from leaking out [...].”
But for open source projects (and likely a number of others), it's very important to be able to invite experts into the conversation. When GNOME used Bugzilla as its bug tracking tool, private issues were only visible to folks in the assignees and CC lists, so inviting a user to comment was as simple as a person with access adding them to the CC list.
GitLab unfortunately doesn't seem to have any way to allow inviting users into an issue (or I guess eventually revoking it so as to keep access to a minimum) without granting them more rights, which might not even be a possibility depending on how the organisation, and the instance, are configured.