Filtered by vendor Jetbrains
Subscribe
Total
564 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-49386 | 1 Jetbrains | 1 Youtrack | 2026-06-01 | N/A | 6.5 MEDIUM |
| In JetBrains YouTrack before 2026.1.13570 improper access control allowed enumeration of restricted issues and articles on Planning Canvas | |||||
| CVE-2026-44413 | 1 Jetbrains | 1 Teamcity | 2026-05-12 | N/A | 8.2 HIGH |
| In JetBrains TeamCity before 2026.1 2025.11.5 authenticated users could expose server API to unauthorised access | |||||
| CVE-2014-10036 | 1 Jetbrains | 1 Teamcity | 2026-05-06 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in JetBrains TeamCity before 8.1 allows remote attackers to inject arbitrary web script or HTML via the cameFromUrl parameter to feed/generateFeedUrl.html. | |||||
| CVE-2014-10002 | 1 Jetbrains | 1 Teamcity | 2026-05-06 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in JetBrains TeamCity before 8.1 allows remote attackers to obtain sensitive information via unknown vectors. | |||||
| CVE-2026-41882 | 1 Jetbrains | 1 Intellij Idea | 2026-05-05 | N/A | 7.4 HIGH |
| In JetBrains IntelliJ IDEA before 2024.3.7.1, 2025.1.7.1, 2025.2.6.2, 2025.3.4.1, 2026.1.1 reading arbitrary local files was possible via built-in web server | |||||
| CVE-2026-41153 | 1 Jetbrains | 1 Junie | 2026-04-27 | N/A | 5.8 MEDIUM |
| In JetBrains Junie before 252.549.29 command execution was possible via malicious project file | |||||
| CVE-2024-27199 | 1 Jetbrains | 1 Teamcity | 2026-04-21 | N/A | 7.3 HIGH |
| In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible | |||||
| CVE-2026-33392 | 1 Jetbrains | 1 Youtrack | 2026-04-20 | N/A | 7.2 HIGH |
| In JetBrains YouTrack before 2025.3.131383 high privileged user can achieve RCE via sandbox bypass | |||||
| CVE-2026-32745 | 1 Jetbrains | 1 Datalore | 2026-04-02 | N/A | 6.3 MEDIUM |
| In JetBrains Datalore before 2026.1 session hijacking was possible due to missing secure attribute for cookie settings | |||||
| CVE-2026-32229 | 1 Jetbrains | 1 Hub | 2026-04-02 | N/A | 6.8 MEDIUM |
| In JetBrains Hub before 2026.1 possible on sign-in account mismatch with non-SSO auth and 2FA disabled | |||||
| CVE-2026-28193 | 1 Jetbrains | 1 Youtrack | 2026-02-26 | N/A | 8.8 HIGH |
| In JetBrains YouTrack before 2025.3.121962 apps were able to send requests to the app permissions endpoint | |||||
| CVE-2026-28196 | 1 Jetbrains | 1 Teamcity | 2026-02-25 | N/A | 2.3 LOW |
| In JetBrains TeamCity before 2025.11.3 disabling versioned settings left a credentials config on disk | |||||
| CVE-2026-28195 | 1 Jetbrains | 1 Teamcity | 2026-02-25 | N/A | 4.3 MEDIUM |
| In JetBrains TeamCity before 2025.11.3 missing authorization allowed project developers to add parameters to build configurations | |||||
| CVE-2026-28194 | 1 Jetbrains | 1 Teamcity | 2026-02-25 | N/A | 4.3 MEDIUM |
| In JetBrains TeamCity before 2025.11.3 open redirect was possible in the React project creation flow | |||||
| CVE-2020-29582 | 2 Jetbrains, Oracle | 4 Kotlin, Communications Cloud Native Core Network Slice Selection Function, Communications Cloud Native Core Policy and 1 more | 2026-02-25 | 5.0 MEDIUM | 5.3 MEDIUM |
| In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An attacker was able to read data from such files and list directories due to insecure permissions. | |||||
| CVE-2026-25846 | 1 Jetbrains | 1 Youtrack | 2026-02-18 | N/A | 6.5 MEDIUM |
| In JetBrains YouTrack before 2025.3.119033 access tokens could be exposed in Mailbox logs | |||||
| CVE-2026-25847 | 1 Jetbrains | 1 Pycharm | 2026-02-18 | N/A | 8.2 HIGH |
| In JetBrains PyCharm before 2025.3.2 a DOM-based XSS on Jupyter viewer page was possible | |||||
| CVE-2026-25848 | 1 Jetbrains | 1 Hub | 2026-02-18 | N/A | 9.1 CRITICAL |
| In JetBrains Hub before 2025.3.119807 authentication bypass allowing administrative actions was possible | |||||
| CVE-2025-58335 | 1 Jetbrains | 1 Junie | 2026-01-20 | N/A | 5.5 MEDIUM |
| In JetBrains Junie before 252.284.66, 251.284.66, 243.284.66, 252.284.61, 251.284.61, 243.284.61, 252.284.50, 252.284.54, 251.284.54, 251.284.50, 243.284.54, 243.284.50 information disclosure was possible via search_project function | |||||
| CVE-2025-59458 | 1 Jetbrains | 1 Junie | 2026-01-20 | N/A | 8.3 HIGH |
| In JetBrains Junie before 252.284.66, 251.284.66, 243.284.66, 252.284.61, 251.284.61, 243.284.61, 252.284.50, 252.284.54, 251.284.54, 251.284.50, 243.284.54, 243.284.50 code execution was possible due to improper command validation | |||||