Search CVEs

Top 20 matches Showing top matches — use filters or a more specific query to narrow

CVE-2026-56142

CRITICAL CVSS 9.9

In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 privilege escalation by attaching authentication details to accounts was possible

CVE-2026-50242

CRITICAL CVSS 10.0

Find Similar

In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 authentication bypass via direct database access leading to administrative access was po

CVE-2026-56141

CRITICAL CVSS 9.8

Find Similar

In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 account takeover via predictable restore codes was possible

CVE-2025-64457

HIGH CVSS 7.0

Find Similar

In JetBrains ReSharper, Rider and dotTrace before 2025.2.5 local privilege escalation was possible via race condition

jetbrains

CVE-2026-25848

CRITICAL CVSS 9.8

Find Similar

In JetBrains Hub before 2025.3.119807 authentication bypass allowing administrative actions was possible

jetbrains

CVE-2025-23385

HIGH CVSS 7.8

Find Similar

In JetBrains ReSharper before 2024.3.4, 2024.2.8, and 2024.1.7, Rider before 2024.3.4, 2024.2.8, and 2024.1.7, dotTrace before 2024.3.4, 2024.2.8, and 2024.1.7, ETW Host Service before 16.43, Local Pr

jetbrains

CVE-2025-53959

HIGH CVSS 7.6

Find Similar

In JetBrains YouTrack before 2025.2.86069, 2024.3.85077, 2025.1.86199 email spoofing via an administrative API was possible

jetbrains

CVE-2025-64681

LOW CVSS 3.7

Find Similar

In JetBrains Hub before 2025.3.104992 a race condition allowed bypass of the user limit via invitations

jetbrains

CVE-2026-33392

HIGH CVSS 7.2

Find Similar

In JetBrains YouTrack before 2025.3.131383 high privileged user can achieve RCE via sandbox bypass

jetbrains

CVE-2025-58334

HIGH CVSS 8.8

Find Similar

In JetBrains IDE Services before 2025.5.0.1086, 2025.4.2.2164 users without appropriate permissions could assign high-privileged role for themselves

jetbrains

CVE-2025-64683

HIGH CVSS 7.5

Find Similar

In JetBrains Hub before 2025.3.104432 information disclosure was possible via the Users API

jetbrains

CVE-2026-32229

MEDIUM CVSS 6.8

Find Similar

In JetBrains Hub before 2026.1 possible on sign-in account mismatch with non-SSO auth and 2FA disabled

jetbrains

CVE-2024-50573

MEDIUM CVSS 5.4

Find Similar

In JetBrains Hub before 2024.3.47707 improper access control allowed users to generate permanent tokens for unauthorized services

jetbrains

CVE-2026-49369

MEDIUM CVSS 4.3

Find Similar

In JetBrains YouTrack before 2026.1.13162 information disclosure was possible on Users and Groups pages

jetbrains

CVE-2026-49385

MEDIUM CVSS 6.5

Find Similar

In JetBrains YouTrack before 2026.1.13570 improper access control allowed low-privileged users to modify service accounts

jetbrains

CVE-2026-25846

MEDIUM CVSS 6.5

Find Similar

In JetBrains YouTrack before 2025.3.119033 access tokens could be exposed in Mailbox logs

jetbrains

CVE-2024-47162

MEDIUM CVSS 5.3

Find Similar

In JetBrains YouTrack before 2024.3.44799 token could be revealed on Imports page

jetbrains

CVE-2026-28193

MEDIUM CVSS 5.3

Find Similar

In JetBrains YouTrack before 2025.3.121962 apps were able to send requests to the app permissions endpoint

jetbrains

CVE-2024-43114

HIGH CVSS 7.8

Find Similar

In JetBrains TeamCity before 2024.07.1 possible privilege escalation due to incorrect directory permissions

jetbrains

CVE-2025-64684

HIGH CVSS 7.5

Find Similar

In JetBrains YouTrack before 2025.3.104432 information disclosure was possible via the feedback form

jetbrains

Page 1+ Next →