Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-57926 |
|
Vulnerability in jetbrains (CVE-2026-57926)
vulnerability in jetbrains (CVE-2026-57926). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53914 |
|
Unsafe Deserialization in deserialization (CVE-2026-53914)
vulnerability in deserialization (CVE-2026-53914). Confidential information can be exposed externally.
|
| CVE-2026-57923 |
|
Vulnerability in jetbrains (CVE-2026-57923)
vulnerability in jetbrains (CVE-2026-57923). Data can be tampered with by attackers.
|
| CVE-2026-57925 |
|
Vulnerability in jetbrains (CVE-2026-57925)
vulnerability in jetbrains (CVE-2026-57925). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57924 |
|
Vulnerability in jetbrains (CVE-2026-57924)
vulnerability in jetbrains (CVE-2026-57924). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57922 |
|
In JetBrains YouTrack before 2026.2.16593 project settings disclosure via the MCP was possible
In JetBrains YouTrack before 2026.2.16593 project settings disclosure via the MCP was possible
|
| CVE-2026-57921 |
|
Vulnerability in jetbrains (CVE-2026-57921)
vulnerability in jetbrains (CVE-2026-57921). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53915 |
|
Vulnerability in jetbrains (CVE-2026-53915)
vulnerability in jetbrains (CVE-2026-53915). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50242 |
|
Vulnerability in jetbrains (CVE-2026-50242)
vulnerability in jetbrains (CVE-2026-50242). Successful exploitation can lead to full system takeover.
|
| CVE-2026-49385 |
|
Vulnerability in jetbrains (CVE-2026-49385)
vulnerability in jetbrains (CVE-2026-49385). Data can be tampered with by attackers.
|
| CVE-2026-49384 |
|
In JetBrains PyCharm before 2025.3.4 stored XSS in Jupyter notebook Markdown cells was possible
In JetBrains PyCharm before 2025.3.4 stored XSS in Jupyter notebook Markdown cells was possible
|
| CVE-2026-49383 |
|
In JetBrains IntelliJ IDEA before 2026.1 xXE in the UI Designer form parser was possible
In JetBrains IntelliJ IDEA before 2026.1 xXE in the UI Designer form parser was possible
|
| CVE-2026-49382 |
|
Vulnerability in jetbrains (CVE-2026-49382)
vulnerability in jetbrains (CVE-2026-49382). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49381 |
|
In JetBrains TeamCity before 2026.1 stored XSS on the SAML login page was possible
In JetBrains TeamCity before 2026.1 stored XSS on the SAML login page was possible
|
| CVE-2026-49379 |
|
In JetBrains TeamCity before 2026.1 credentials could be exposed in thread names
In JetBrains TeamCity before 2026.1 credentials could be exposed in thread names
|
| CVE-2026-49380 |
|
In JetBrains TeamCity before 2026.1 open redirect in the SAML plugin was possible
In JetBrains TeamCity before 2026.1 open redirect in the SAML plugin was possible
|
| CVE-2026-49378 |
|
Vulnerability in jetbrains (CVE-2026-49378)
vulnerability in jetbrains (CVE-2026-49378). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49376 |
|
In JetBrains TeamCity before 2026.1 insufficient username validation in the SAML plugin
In JetBrains TeamCity before 2026.1 insufficient username validation in the SAML plugin
|
| CVE-2026-49375 |
|
Cross-Site Scripting (XSS) in jetbrains (CVE-2026-49375)
cross-site scripting in jetbrains (CVE-2026-49375). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49374 |
|
Vulnerability in jetbrains (CVE-2026-49374)
vulnerability in jetbrains (CVE-2026-49374). Confidential information can be exposed externally.
|
| CVE-2026-49373 |
|
Vulnerability in jetbrains (CVE-2026-49373)
vulnerability in jetbrains (CVE-2026-49373). Confidential information can be exposed externally.
|
| CVE-2026-49372 |
|
In JetBrains TeamCity before 2026.1,
2025.11.5 unauthenticated SSRF via build status was possible
In JetBrains TeamCity before 2026.1,
2025.11.5 unauthenticated SSRF via build status was possible
|
| CVE-2026-49371 |
|
In JetBrains TeamCity before 2026.1.1 reflected XSS in the keyword filter was possible
In JetBrains TeamCity before 2026.1.1 reflected XSS in the keyword filter was possible
|
| CVE-2026-49369 |
|
Authorization Flaw in jetbrains (CVE-2026-49369)
vulnerability in jetbrains (CVE-2026-49369). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49368 |
|
In JetBrains YouTrack before 2026.1.13162 stored XSS in project notification templates was possible
In JetBrains YouTrack before 2026.1.13162 stored XSS in project notification templates was possible
|
| CVE-2026-49367 |
|
In JetBrains IntelliJ IDEA before 2026.1.1 command execution was possible via the guest user account
In JetBrains IntelliJ IDEA before 2026.1.1 command execution was possible via the guest user account
|
| CVE-2026-49366 |
|
In JetBrains IntelliJ IDEA before 2026.1.1 command injection was possible via filename completion
In JetBrains IntelliJ IDEA before 2026.1.1 command injection was possible via filename completion
|
| CVE-2026-44413 |
|
Vulnerability in jetbrains (CVE-2026-44413)
vulnerability in jetbrains (CVE-2026-44413). Confidential information can be exposed externally.
|
| CVE-2024-27199 KEV |
|
[KEV] Vulnerability in Jetbrains teamcity (CVE-2024-27199)
vulnerability in Jetbrains teamcity (CVE-2024-27199). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-27198 KEV |
|
[KEV] Vulnerability in Jetbrains teamcity (CVE-2024-27198)
vulnerability in Jetbrains teamcity (CVE-2024-27198). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-42793 KEV |
|
[KEV] Vulnerability in Jetbrains teamcity (CVE-2023-42793)
vulnerability in Jetbrains teamcity (CVE-2023-42793). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|