In JetBrains Rider before 2025.1.2 custom archive unpacker allowed arbitrary file overwrite during remote debug session
In JetBrains Junie before 252.284.66,
251.284.66,
243.284.66,
252.284.61,
251.284.61,
243.284.61,
252.284.50,
252.284.54,
251.284.54,
251.284.50,
243.284.54,
243.284.50 code execution was possible due
In JetBrains TeamCity before 2025.07.1 aWS credentials were exposed in Docker script files
In JetBrains YouTrack before 2025.3.104432 a race condition allowed bypass of helpdesk Agent limit
In JetBrains YouTrack before 2025.3.131383 high privileged user can achieve RCE via sandbox bypass
In JetBrains Hub before 2026.1.13757,
2025.3.148033,
2025.2.148048,
2025.1.148120,
2024.3.148430,
2024.2.148429 account takeover via predictable restore codes was possible
In JetBrains TeamCity before 2025.07 improper access control allowed disclosure of build settings via snapshot dependencies
In JetBrains Toolbox App before 2.6 the SSH plugin established connections without sufficient user confirmation
In JetBrains TeamCity before 2025.07 improper access control allowed disclosure of build settings via VCS configuration
In JetBrains Junie before 252.284.66,
251.284.66,
243.284.66,
252.284.61,
251.284.61,
243.284.61,
252.284.50,
252.284.54,
251.284.54,
251.284.50,
243.284.54,
243.284.50 information disclosure was poss
In JetBrains YouTrack before 2025.1.74704 restricted attachments could become visible after issue cloning
In JetBrains YouTrack before 2024.3.52635 potential ReDoS was possible due to vulnerable RegExp in Ruby syntax detector
In JetBrains Hub before 2025.3.104432 a race condition allowed bypass of the Agent-user limit
In JetBrains TeamCity before 2026.1
2025.11.5 authenticated users could expose server API to unauthorised access
In JetBrains ReSharper before 2025.2.4 missing signature verification in DPA Collector allows local privilege escalation
In JetBrains TeamCity before 2024.07.1 possible privilege escalation due to incorrect directory permissions
In JetBrains Toolbox App before 2.6 unencrypted credential transmission during SSH authentication was possible
In JetBrains TeamCity before 2024.07 an OAuth code for JetBrains Space could be stolen via Space Application connection
In JetBrains YouTrack before 2024.3.44799 user without appropriate permissions could restore workflows attached to a project
In JetBrains YouTrack before 2025.3.104432 missing TLS certificate validation enabled data disclosure