Vulnerabilities in JetBrains

325 results
CVE-2025-57727 [MEDIUM] In JetBrains IntelliJ IDEA before 2025.2 credentials disclosure was possible via remote reference (EPSS 0.2%)
CVE-2026-49384 [MEDIUM] In JetBrains PyCharm before 2025.3.4 stored XSS in Jupyter notebook Markdown cells was possible (EPSS 0.2%)
CVE-2025-64683 [MEDIUM] In JetBrains Hub before 2025.3.104432 information disclosure was possible via the Users API (EPSS 0.2%)
CVE-2025-68162 [LOW] In JetBrains TeamCity before 2025.11 maven embedder allowed loading extensions via project configuration (EPSS 0.2%)
CVE-2025-68267 [MEDIUM] In JetBrains TeamCity before 2025.11.1 excessive privileges were possible due to storing GitHub personal access token instead of an installa (EPSS 0.2%)
CVE-2022-29812 [LOW] In JetBrains IntelliJ IDEA before 2022.1 notification mechanisms about using Unicode directionality formatting characters were insufficient (EPSS 0.2%)
CVE-2025-29903 [MEDIUM] In JetBrains Runtime before 21.0.6b872.80 arbitrary dynamic library execution due to insecure macOS flags was possible (EPSS 0.2%)
CVE-2026-28194 [MEDIUM] In JetBrains TeamCity before 2025.11.3 open redirect was possible in the React project creation flow (EPSS 0.2%)
CVE-2022-48435 [LOW] In JetBrains PhpStorm before 2023.1 source code could be logged in the local idea.log file (EPSS 0.2%)
CVE-2022-46824 [MEDIUM] In JetBrains IntelliJ IDEA before 2022.2.4 a buffer overflow in the fsnotifier daemon on macOS was possible. (EPSS 0.2%)
CVE-2025-54530 [HIGH] In JetBrains TeamCity before 2025.07 privilege escalation was possible due to incorrect directory permissions (EPSS 0.2%)
CVE-2025-29932 [MEDIUM] In JetBrains GoLand before 2025.1 an XXE during debugging was possible (EPSS 0.2%)
CVE-2022-37010 [LOW] In JetBrains IntelliJ IDEA before 2022.2 email address validation in the "Git User Name Is Not Defined" dialog was missed (EPSS 0.2%)
CVE-2026-32229 [MEDIUM] In JetBrains Hub before 2026.1 possible on sign-in account mismatch with non-SSO auth and 2FA disabled (EPSS 0.2%)
CVE-2025-54535 [MEDIUM] In JetBrains TeamCity before 2025.07 password reset and email verification tokens were using weak hashing algorithms (EPSS 0.2%)
CVE-2025-68268 [MEDIUM] In JetBrains TeamCity before 2025.11.1 reflected XSS was possible on the storage settings page (EPSS 0.2%)
CVE-2026-49380 [LOW] In JetBrains TeamCity before 2026.1 open redirect in the SAML plugin was possible (EPSS 0.2%)
CVE-2023-38069 [LOW] In JetBrains IntelliJ IDEA before 2023.1.4 license dialog could be suppressed in certain cases (EPSS 0.2%)
CVE-2025-64681 [LOW] In JetBrains Hub before 2025.3.104992 a race condition allowed bypass of the user limit via invitations (EPSS 0.2%)
CVE-2025-68166 [MEDIUM] In JetBrains TeamCity before 2025.11 a DOM-based XSS was possible on the OAuth connections tab (EPSS 0.2%)