diff --git a/.rubocop_manual_todo.yml b/.rubocop_manual_todo.yml
index 4572078e721fcb73c0175e8098bd25249595c972..9b20af55520e31a9bcc5d8be04ba10fd0a2d2107 100644
--- a/.rubocop_manual_todo.yml
+++ b/.rubocop_manual_todo.yml
@@ -44,15 +44,10 @@ Graphql/Descriptions:
 # WIP See https://gitlab.com/gitlab-org/gitlab/-/issues/267606
 FactoryBot/InlineAssociation:
   Exclude:
-    - 'ee/spec/factories/merge_request_blocks.rb'
-    - 'ee/spec/factories/vulnerabilities/feedback.rb'
     - 'spec/factories/atlassian_identities.rb'
     - 'spec/factories/events.rb'
     - 'spec/factories/git_wiki_commit_details.rb'
     - 'spec/factories/gitaly/commit.rb'
-    - 'spec/factories/go_module_commits.rb'
-    - 'spec/factories/go_module_versions.rb'
-    - 'spec/factories/go_modules.rb'
     - 'spec/factories/group_group_links.rb'
     - 'spec/factories/import_export_uploads.rb'
 
diff --git a/ee/spec/factories/merge_request_blocks.rb b/ee/spec/factories/merge_request_blocks.rb
index 73102b48c7326471fa5118693310a55dbc8f1a7a..ace88cd1b512861124e4b49b468520fc51d1b72a 100644
--- a/ee/spec/factories/merge_request_blocks.rb
+++ b/ee/spec/factories/merge_request_blocks.rb
@@ -2,7 +2,7 @@
 
 FactoryBot.define do
   factory :merge_request_block do
-    blocking_merge_request { create(:merge_request) }
-    blocked_merge_request { create(:merge_request) }
+    blocking_merge_request { association(:merge_request) }
+    blocked_merge_request { association(:merge_request) }
   end
 end
diff --git a/ee/spec/factories/vulnerabilities/feedback.rb b/ee/spec/factories/vulnerabilities/feedback.rb
index 4fdf5cc97d19c4adc69d396847489df2b253ecaa..338d9af20836707e6b573da46af825491947effd 100644
--- a/ee/spec/factories/vulnerabilities/feedback.rb
+++ b/ee/spec/factories/vulnerabilities/feedback.rb
@@ -12,7 +12,7 @@
     author
     issue { nil }
     merge_request { nil }
-    pipeline { create(:ci_pipeline, project: project) }
+    pipeline { association(:ci_pipeline, project: project) }
     feedback_type { 'dismissal' }
     category { 'sast' }
     project_fingerprint { generate(:project_fingerprint) }
@@ -30,12 +30,12 @@
 
     trait :issue do
       feedback_type { 'issue' }
-      issue { create(:issue, project: project) }
+      issue { association(:issue, project: project) }
     end
 
     trait :merge_request do
       feedback_type { 'merge_request' }
-      merge_request { create(:merge_request, source_project: project) }
+      merge_request { association(:merge_request, source_project: project) }
     end
 
     trait :sast do
diff --git a/ee/spec/serializers/vulnerabilities/feedback_entity_spec.rb b/ee/spec/serializers/vulnerabilities/feedback_entity_spec.rb
index f444d412d22dfaffea17245710dc92b926191fc2..aff780fcae5dd29d637ace2fc589feb6d5827d23 100644
--- a/ee/spec/serializers/vulnerabilities/feedback_entity_spec.rb
+++ b/ee/spec/serializers/vulnerabilities/feedback_entity_spec.rb
@@ -15,13 +15,11 @@
   end
 
   describe '#as_json' do
-    let(:feedback) { build(:vulnerability_feedback, :issue, project: project) }
+    let(:feedback) { build_stubbed(:vulnerability_feedback, :issue, project: project) }
 
     it { is_expected.to include(:created_at, :project_id, :author, :category, :feedback_type) }
 
-    context 'feedback type is issue' do
-      let(:feedback) { build(:vulnerability_feedback, :issue, project: project) }
-
+    context 'when feedback type is issue' do
       context 'when issue is present' do
         it 'exposes the issue iid' do
           is_expected.to include(:issue_iid)
@@ -45,15 +43,11 @@
       end
 
       context 'when there is no current user' do
-        let(:entity) { described_class.represent(feedback, request: request) }
-
         before do
           allow(request).to receive(:current_user).and_return(nil)
           allow(feedback).to receive(:author).and_return(nil)
         end
 
-        subject { entity.as_json }
-
         it 'does not include fields related to current user' do
           is_expected.not_to include(:issue_url)
           is_expected.not_to include(:destroy_vulnerability_feedback_dismissal_path)
@@ -62,9 +56,9 @@
       end
 
       context 'when issue is not present' do
-        let(:feedback) { build(:vulnerability_feedback, feedback_type: :issue, project: project, issue: nil) }
-
         it 'does not expose issue information' do
+          feedback.issue = nil
+
           is_expected.not_to include(:issue_iid)
           is_expected.not_to include(:issue_url)
         end
@@ -81,8 +75,8 @@
       end
     end
 
-    context 'feedback type is merge_request' do
-      let(:feedback) { build(:vulnerability_feedback, :merge_request, project: project) }
+    context 'when feedback type is merge_request' do
+      let(:feedback) { build_stubbed(:vulnerability_feedback, :merge_request, project: project) }
 
       context 'when merge request is present' do
         it 'exposes the merge request iid' do
@@ -107,9 +101,9 @@
       end
 
       context 'when merge request is not present' do
-        let(:feedback) { build(:vulnerability_feedback, :merge_request, project: project, merge_request: nil) }
-
         it 'does not expose merge request information' do
+          feedback.merge_request = nil
+
           is_expected.not_to include(:merge_request_iid)
           is_expected.not_to include(:merge_request_path)
         end
@@ -126,8 +120,8 @@
       end
     end
 
-    context 'feedback type is dismissal' do
-      let(:feedback) { create(:vulnerability_feedback, :dismissal, project: project) }
+    context 'when feedback type is dismissal' do
+      let(:feedback) { build_stubbed(:vulnerability_feedback, :dismissal, project: project) }
 
       context 'when not allowed to destroy vulnerability feedback' do
         before do
@@ -152,13 +146,13 @@
   end
 
   context 'when comment is not present' do
-    let(:feedback) { build(:vulnerability_feedback, :dismissal, project: project) }
+    let(:feedback) { build_stubbed(:vulnerability_feedback, :dismissal, project: project) }
 
     it { is_expected.not_to include(:comment_details) }
   end
 
   context 'when comment is present' do
-    let(:feedback) { build(:vulnerability_feedback, :comment, project: project) }
+    let(:feedback) { build_stubbed(:vulnerability_feedback, :comment, project: project) }
 
     it 'exposes comment information' do
       expect(subject).to include(:comment_details)
@@ -169,7 +163,7 @@
   end
 
   context 'when finding_uuid is not present' do
-    let(:feedback) { build(:vulnerability_feedback, :issue, project: project) }
+    let(:feedback) { build_stubbed(:vulnerability_feedback, :issue, project: project) }
 
     it 'has a nil finding_uuid' do
       expect(subject[:finding_uuid]).to be_nil
@@ -177,8 +171,8 @@
   end
 
   context 'when finding_uuid is present' do
-    let_it_be(:finding) { create(:vulnerabilities_finding) }
-    let(:feedback) { create(:vulnerability_feedback, finding_uuid: finding.uuid, project: project) }
+    let(:finding) { build_stubbed(:vulnerabilities_finding) }
+    let(:feedback) { build_stubbed(:vulnerability_feedback, finding_uuid: finding.uuid, project: project) }
 
     it 'exposes finding_uuid' do
       expect(subject[:finding_uuid]).to eq(finding.uuid)