CVE-2026-2725— Improper Authorization in Gerrit allowing Code Review Bypass via "Submitted Together"
Possible ATT&CK Techniques 1AI
T1068 · Exploitation for Privilege EscalationGet alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-2725
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper Authorization in Gerrit allowing Code Review Bypass via "Submitted Together"
Source: NVD (National Vulnerability Database)
Vulnerability Description
Incorrect authorization in the "submitted together" feature in Gerrit versions 2.12 and later allows an authenticated attacker with force push permissions on a secondary branch to bypass code review and forcefully submit code to restricted branches via a crafted submission matching the "topic" tag of an unapproved change.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
授权机制不正确
Source: NVD (National Vulnerability Database)
Vulnerability Title
Gerrit 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Gerrit是Gerrit社区的一个代码审查软件。 Gerrit 2.12及之后版本存在安全漏洞,该漏洞源于submitted together功能中的授权不当,可能导致经过身份验证的攻击者绕过代码审查并强制提交代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2026-2725
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-2725
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same weakness: CWE-863
- CVE-2026-4055
Insufficient permission validation on cross-team playbook ru - CVE-2026-20238
Improper Access Control through Role Inheritance in Splunk A - CVE-2026-34579
MantisBT has an authorization bypass via private issue monit - CVE-2026-42526
Apache Airflow Amazon provider: Prevent unauthorized access - CVE-2026-41470
LIVE555 < 2026.04.22 RTSP Server Authorization Bypass via Se
V. Comments for CVE-2026-2725
No comments yet