Exposure of TeamCity
CI43
exposure score
1
sites use
3
exploited
4
critical
CVEs
176 resultsCVE-2025-68267MEDIUMIn JetBrains TeamCity before 2025.11.1 excessive privileges were possible due to storing GitHub personal access token instead of an installaEPSS 0.2%CVE-2026-28194MEDIUMIn JetBrains TeamCity before 2025.11.3 open redirect was possible in the React project creation flowEPSS 0.2%CVE-2025-54530HIGHIn JetBrains TeamCity before 2025.07 privilege escalation was possible due to incorrect directory permissionsEPSS 0.2%CVE-2025-54535MEDIUMIn JetBrains TeamCity before 2025.07 password reset and email verification tokens were using weak hashing algorithmsEPSS 0.2%CVE-2025-68268MEDIUMIn JetBrains TeamCity before 2025.11.1 reflected XSS was possible on the storage settings pageEPSS 0.2%CVE-2026-49380LOWIn JetBrains TeamCity before 2026.1 open redirect in the SAML plugin was possibleEPSS 0.2%CVE-2025-68166MEDIUMIn JetBrains TeamCity before 2025.11 a DOM-based XSS was possible on the OAuth connections tabEPSS 0.2%CVE-2026-28195MEDIUMIn JetBrains TeamCity before 2025.11.3 missing authorization allowed project developers to add parameters to build configurationsEPSS 0.2%CVE-2025-68163LOWIn JetBrains TeamCity before 2025.11 stored XSS was possible on agentpushInstall pageEPSS 0.2%CVE-2024-43114HIGHIn JetBrains TeamCity before 2024.07.1 possible privilege escalation due to incorrect directory permissionsEPSS 0.2%CVE-2025-67739LOWIn JetBrains TeamCity before 2025.11.2 improper repository URL validation could lead to local paths disclosureEPSS 0.1%CVE-2025-54536MEDIUMIn JetBrains TeamCity before 2025.07 a CSRF was possible on GraphQL endpointEPSS 0.1%CVE-2025-54528MEDIUMIn JetBrains TeamCity before 2025.07 a CSRF was possible in GitHub App connection flowEPSS 0.1%CVE-2026-28196LOWIn JetBrains TeamCity before 2025.11.3 disabling versioned settings left a credentials config on diskEPSS 0.1%CVE-2025-54529LOWIn JetBrains TeamCity before 2025.07 a CSRF was possible in external OAuth login integrationEPSS 0.1%CVE-2025-57732HIGHIn JetBrains TeamCity before 2025.07.1 privilege escalation was possible due to incorrect directory ownershipEPSS 0.1%
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →