CVE Catalog

CVE-2026-2725

MediumCVSS 5.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.12%

2th percentile - higher than 2% of all known CVEs

Summary

A vulnerability in the 'submitted together' feature in Gerrit versions 2.12 and later allows an authenticated attacker with force push permissions on a secondary branch to bypass code review and forcefully submit code to restricted branches via a crafted submission matching the topic tag of an unapproved change.

Risk Assessment

The organization is at risk of unauthorized code deployment to protected branches, potentially leading to repository integrity compromise, malicious code injection, or production system destabilization.

Recommendation

Immediately update Gerrit to a patched version and review/restrict force push permissions for users on secondary branches.

Original NVD description (English source)

Incorrect authorization in the "submitted together" feature in Gerrit versions 2.12 and later allows an authenticated attacker with force push permissions on a secondary branch to bypass code review and forcefully submit code to restricted branches via a crafted submission matching the "topic" tag of an unapproved change.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS