In JetBrains Ktor before 2.3.13 improper caching in HttpCache Plugin could lead to response information disclosure
In JetBrains Ktor before 3.1.1 an HTTP Request Smuggling was possible
In JetBrains Datalore before 2026.1 session hijacking was possible due to missing secure attribute for cookie settings
In JetBrains Hub before 2025.3.104432 information disclosure was possible via the Users API
In JetBrains YouTrack before 2026.1.13162 information disclosure was possible on Users and Groups pages
In JetBrains YouTrack before 2024.3.47707 potential ReDoS exploit was possible via email header parsing in Helpdesk functionality
In JetBrains YouTrack before 2026.1.13162 information disclosure was possible on fetchApp requests
In JetBrains YouTrack before 2024.3.47197 insecure plugin iframe allowed arbitrary JavaScript execution and unauthorized API requests
In JetBrains Runtime before 21.0.6b872.80 arbitrary dynamic library execution due to insecure macOS flags was possible
In JetBrains IntelliJ IDEA before 2025.2 improper access control allowed Code With Me guest to discover hidden files
Information disclosure in the Networking: Cache component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3.
In JetBrains YouTrack before 2025.3.104432 information disclosure was possible via the feedback form
In JetBrains TeamCity before 2026.1
2025.11.5 authenticated users could expose server API to unauthorised access
A binary in the BoKS Server Agent component of Fortra's Core Privileged Access Manager (BoKS) on versions 7.2.0 (up to 7.2.0.17), 8.1.0 (up to 8.1.0.22), 8.1.1 (up to 8.1.1.7), 9.0.0 (up to 9.0.0.1) a
In JetBrains TeamCity before 2024.12.2 improper Kubernetes connection settings could expose sensitive resources
In JetBrains YouTrack before 2026.1.13570 improper access control allowed low-privileged users to modify service accounts
In JetBrains TeamCity before 2026.1 credentials could be exposed in thread names
In JetBrains GoLand before 2026.1.3 remote code execution was possible via untrusted project configuration
A flaw has been found in Kilo-Org kilocode up to 7.0.47. This issue affects the function Load of the file packages/opencode/src/config/config.ts of the component Environment Variable Handler. Executin
In JetBrains YouTrack before 2024.3.52635 potential spoofing attack was possible via lack of Punycode encoding
Page 1+ Next →