Search Results (588 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-59795 1 Jetbrains 1 Teamcity 2026-07-17 8.1 High
In JetBrains TeamCity before 2026.1.2 stored XSS via unauthenticated agent registration was possible
CVE-2026-59796 1 Jetbrains 1 Teamcity 2026-07-17 8.1 High
In JetBrains TeamCity before 2026.1.2 pipeline modification was possible due to improper permission checks
CVE-2026-61492 1 Jetbrains 1 Youtrack 2026-07-17 3.5 Low
In JetBrains YouTrack before 2026.2.17394 stored XSS via article titles in digest emails was possible
CVE-2026-59791 1 Jetbrains 1 Youtrack 2026-07-16 3.5 Low
In JetBrains YouTrack before 2026.2.17012 cSS injection via Mermaid diagram rendering was possible
CVE-2026-59792 1 Jetbrains 1 Intellij Idea 2026-07-16 9.6 Critical
In JetBrains IntelliJ IDEA before 2026.1.4, 2026.2 code execution via path traversal in project workspace ID handling was possible
CVE-2026-59794 1 Jetbrains 1 Teamcity 2026-07-16 7.3 High
In JetBrains TeamCity before 2026.1.2 stored XSS on the cloud profile page was possible via agent-reported data
CVE-2026-62422 1 Jetbrains 1 Youtrack 2026-07-16 10 Critical
In JetBrains YouTrack before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 authentication bypass via direct database access leading to administrative access was possible
CVE-2026-59793 1 Jetbrains 1 Teamcity 2026-07-15 8.8 High
In JetBrains TeamCity before 2026.1.2 arbitrary file access was possible via the Perforce VCS integration
CVE-2026-57923 1 Jetbrains 1 Youtrack 2026-06-26 5.3 Medium
In JetBrains YouTrack before 2026.2.16593 improper authorisation in the app configurations endpoint allowed modifying project settings
CVE-2026-57924 1 Jetbrains 1 Youtrack 2026-06-26 4.3 Medium
In JetBrains YouTrack before 2026.2.16593 default role configuration exposed excessive user profile details
CVE-2026-57925 1 Jetbrains 1 Youtrack 2026-06-26 4.3 Medium
In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading saved queries and tags
CVE-2026-57926 1 Jetbrains 1 Youtrack 2026-06-26 2.6 Low
In JetBrains YouTrack before 2026.2.16593 the websandbox bridge was vulnerable to a prototype pollution attack
CVE-2026-57921 1 Jetbrains 1 Youtrack 2026-06-26 4.3 Medium
In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading users' private data via the comment templates endpoint
CVE-2026-57922 1 Jetbrains 1 Youtrack 2026-06-26 3.1 Low
In JetBrains YouTrack before 2026.2.16593 project settings disclosure via the MCP was possible
CVE-2026-53914 1 Jetbrains 1 Kotlin 2026-06-26 6.7 Medium
In JetBrains Kotlin before 2.4.20 code execution was possible via unsafe deserialization in the build cache metadata
CVE-2026-53915 1 Jetbrains 1 Goland 2026-06-25 7.1 High
In JetBrains GoLand before 2026.1.3 remote code execution was possible via untrusted project configuration
CVE-2026-50242 1 Jetbrains 1 Hub 2026-06-22 10 Critical
In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 authentication bypass via direct database access leading to administrative access was possible
CVE-2026-56142 1 Jetbrains 1 Hub 2026-06-22 9.6 Critical
In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 privilege escalation by attaching authentication details to accounts was possible
CVE-2026-56141 1 Jetbrains 1 Hub 2026-06-22 9.8 Critical
In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 account takeover via predictable restore codes was possible
CVE-2026-49373 1 Jetbrains 1 Teamcity 2026-06-02 7.1 High
In JetBrains TeamCity before 2026.1 remote code execution was possible via Perforce connection settings