jetbrains
Latest CVEs
The 15 most recently published vulnerabilities affecting jetbrains.
- CVE-2026-53914In JetBrains Kotlin before 2.4.20 code execution was possible via unsafe deserialization in the build cache metadata6.7
- CVE-2026-57925In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading saved queries and tags4.3
- CVE-2026-57926In JetBrains YouTrack before 2026.2.16593 the websandbox bridge was vulnerable to a prototype pollution attack2.6
- CVE-2026-57924In JetBrains YouTrack before 2026.2.16593 default role configuration exposed excessive user profile details4.3
- CVE-2026-57923In JetBrains YouTrack before 2026.2.16593 improper authorisation in the app configurations endpoint allowed modifying project settings5.3
- CVE-2026-57922In JetBrains YouTrack before 2026.2.16593 project settings disclosure via the MCP was possible3.1
- CVE-2026-57921In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading users' private data via the comment templates endpoint4.3
- CVE-2026-50242In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 authentication bypass via direct database access leading to administrative access was...10.0
- CVE-2026-56142In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 privilege escalation by attaching authentication details to accounts was possible9.9
- CVE-2026-56141In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 account takeover via predictable restore codes was possible9.8
- CVE-2026-53915In JetBrains GoLand before 2026.1.3 remote code execution was possible via untrusted project configuration7.1
- CVE-2026-49385In JetBrains YouTrack before 2026.1.13570 improper access control allowed low-privileged users to modify service accounts6.5
- CVE-2026-49386In JetBrains YouTrack before 2026.1.13570 improper access control allowed enumeration of restricted issues and articles on Planning Canvas6.5
- CVE-2026-49384In JetBrains PyCharm before 2025.3.4 stored XSS in Jupyter notebook Markdown cells was possible6.1
- CVE-2026-49383In JetBrains IntelliJ IDEA before 2026.1 xXE in the UI Designer form parser was possible3.3