A vulnerability described as problematic has been identified in Bitbucket Push and Pull Request Plugin up to 3.3.8 . Affected by this vulnerability is an unknown functionality of the component Configured Bitbucket Server Endpoint . Executing a manipulation can lead to improper certificate validation. This vulnerability is tracked as CVE-2026-57289 . The attack can be launched remotely. No exploit exists.