CVE-2025-59458

Published: Sep 17, 2025Modified: Jan 20, 2026

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

In JetBrains Junie before 252.284.66, 251.284.66, 243.284.66, 252.284.61, 251.284.61, 243.284.61, 252.284.50, 252.284.54, 251.284.54, 251.284.50, 243.284.54, 243.284.50 code execution was possible due to improper command validation

Affected (3)

Products: Jetbrains: Junie

Jetbrains

1 product

Junie

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Jetbrains Junie	Before 243.284.50
Jetbrains Junie	From 251.72.165 to 251.284.50
Jetbrains Junie	From 252.204.139 to 252.284.50

Related CWEs

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

References (1)

https://www.jetbrains.com/privacy-security/issues-fixed/

Source: cve@jetbrains.com

Vendor Advisory

Timeline

No history available yet.