A vulnerability classified as critical was found in Gitea up to 1.25.4. This affects an unknown function of the component Organization Handler. Such manipulation leads to improper access controls.

This vulnerability is listed as CVE-2026-25712. The attack may be performed from remote. There is no available exploit.

Upgrading the affected component is advised.