CVE Tools

jetbrains

DevTools & CICZcommercial

525

Cumulative CVEs

45

Monthly snapshots

#19

Peak rank

Top products

teamcity12 youtrack5 intellij idea4

Latest CVEs

The 15 most recently published vulnerabilities affecting jetbrains.

CVE-2026-50242In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 authentication bypass via direct database access leading to administrative access was...10.0Jun 19, 2026
CVE-2026-56142In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 privilege escalation by attaching authentication details to accounts was possible9.9Jun 19, 2026
CVE-2026-56141In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 account takeover via predictable restore codes was possible9.8Jun 19, 2026
CVE-2026-53915In JetBrains GoLand before 2026.1.3 remote code execution was possible via untrusted project configuration7.1Jun 19, 2026
CVE-2026-49386In JetBrains YouTrack before 2026.1.13570 improper access control allowed enumeration of restricted issues and articles on Planning Canvas6.5May 29, 2026
CVE-2026-49385In JetBrains YouTrack before 2026.1.13570 improper access control allowed low-privileged users to modify service accounts6.5May 29, 2026
CVE-2026-49384In JetBrains PyCharm before 2025.3.4 stored XSS in Jupyter notebook Markdown cells was possible6.1May 29, 2026
CVE-2026-49383In JetBrains IntelliJ IDEA before 2026.1 xXE in the UI Designer form parser was possible3.3May 29, 2026
CVE-2026-49382In JetBrains IntelliJ IDEA before 2026.1 code execution was possible via template injection in the Copyright plugin4.5May 29, 2026
CVE-2026-49381In JetBrains TeamCity before 2026.1 stored XSS on the SAML login page was possible3.4May 29, 2026
CVE-2026-49380In JetBrains TeamCity before 2026.1 open redirect in the SAML plugin was possible3.1May 29, 2026
CVE-2026-49379In JetBrains TeamCity before 2026.1 credentials could be exposed in thread names6.5May 29, 2026
CVE-2026-49378In JetBrains TeamCity before 2026.1 credentials parameters were exposed via parameter autocompletion4.3May 29, 2026
CVE-2026-49377In JetBrains TeamCity before 2025.11.2 exposure of sensitive data via default agent parameters4.3May 29, 2026
CVE-2026-49376In JetBrains TeamCity before 2026.1 insufficient username validation in the SAML plugin6.5May 29, 2026