ReportizFlow
Filtered by vendor Jetbrains
Subscriptions
Total
573 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-56141 | 1 Jetbrains | 1 Hub | 2026-06-19 | 9.8 Critical |
| In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 account takeover via predictable restore codes was possible | ||||
| CVE-2026-50242 | 1 Jetbrains | 1 Hub | 2026-06-19 | 10 Critical |
| In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 authentication bypass via direct database access leading to administrative access was possible | ||||
| CVE-2026-53915 | 1 Jetbrains | 1 Goland | 2026-06-19 | 7.1 High |
| In JetBrains GoLand before 2026.1.3 remote code execution was possible via untrusted project configuration | ||||
| CVE-2026-56142 | 1 Jetbrains | 1 Hub | 2026-06-19 | 9.6 Critical |
| In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 privilege escalation by attaching authentication details to accounts was possible | ||||
| CVE-2026-49373 | 1 Jetbrains | 1 Teamcity | 2026-06-02 | 7.1 High |
| In JetBrains TeamCity before 2026.1 remote code execution was possible via Perforce connection settings | ||||
| CVE-2026-49374 | 1 Jetbrains | 1 Teamcity | 2026-06-02 | 7.6 High |
| In JetBrains TeamCity before 2026.1 improper permission checks exposed build configuration parameters | ||||
| CVE-2026-49375 | 1 Jetbrains | 1 Teamcity | 2026-06-02 | 6.1 Medium |
| In JetBrains TeamCity before 2026.1, 2025.11.5 reflected XSS was possible on the repository download page | ||||
| CVE-2026-49376 | 1 Jetbrains | 1 Teamcity | 2026-06-02 | 6.5 Medium |
| In JetBrains TeamCity before 2026.1 insufficient username validation in the SAML plugin | ||||
| CVE-2026-49377 | 1 Jetbrains | 1 Teamcity | 2026-06-02 | 4.3 Medium |
| In JetBrains TeamCity before 2025.11.2 exposure of sensitive data via default agent parameters | ||||
| CVE-2026-49378 | 1 Jetbrains | 1 Teamcity | 2026-06-02 | 4.3 Medium |
| In JetBrains TeamCity before 2026.1 credentials parameters were exposed via parameter autocompletion | ||||
| CVE-2026-49379 | 1 Jetbrains | 1 Teamcity | 2026-06-02 | 6.5 Medium |
| In JetBrains TeamCity before 2026.1 credentials could be exposed in thread names | ||||
| CVE-2026-49380 | 1 Jetbrains | 1 Teamcity | 2026-06-02 | 3.1 Low |
| In JetBrains TeamCity before 2026.1 open redirect in the SAML plugin was possible | ||||
| CVE-2026-49381 | 1 Jetbrains | 1 Teamcity | 2026-06-02 | 3.4 Low |
| In JetBrains TeamCity before 2026.1 stored XSS on the SAML login page was possible | ||||
| CVE-2026-49372 | 1 Jetbrains | 1 Teamcity | 2026-06-02 | 7.5 High |
| In JetBrains TeamCity before 2026.1, 2025.11.5 unauthenticated SSRF via build status was possible | ||||
| CVE-2026-49371 | 1 Jetbrains | 1 Teamcity | 2026-06-02 | 7.1 High |
| In JetBrains TeamCity before 2026.1.1 reflected XSS in the keyword filter was possible | ||||
| CVE-2026-49382 | 1 Jetbrains | 1 Intellij Idea | 2026-06-01 | 4.5 Medium |
| In JetBrains IntelliJ IDEA before 2026.1 code execution was possible via template injection in the Copyright plugin | ||||
| CVE-2026-49366 | 1 Jetbrains | 1 Intellij Idea | 2026-06-01 | 7.8 High |
| In JetBrains IntelliJ IDEA before 2026.1.1 command injection was possible via filename completion | ||||
| CVE-2026-49383 | 1 Jetbrains | 1 Intellij Idea | 2026-06-01 | 3.3 Low |
| In JetBrains IntelliJ IDEA before 2026.1 xXE in the UI Designer form parser was possible | ||||
| CVE-2026-49367 | 1 Jetbrains | 1 Intellij Idea | 2026-06-01 | 8 High |
| In JetBrains IntelliJ IDEA before 2026.1.1 command execution was possible via the guest user account | ||||
| CVE-2026-49368 | 1 Jetbrains | 1 Youtrack | 2026-06-01 | 8.7 High |
| In JetBrains YouTrack before 2026.1.13162 stored XSS in project notification templates was possible | ||||