CVE-2025-64457

Published: Nov 10, 2025Modified: Jan 12, 2026

7.0

Vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.0 / Impact: 5.9

Source: NVD

Description

In JetBrains ReSharper, Rider and dotTrace before 2025.2.5 local privilege escalation was possible via race condition

Affected (3)

Products: Jetbrains: Dottrace, Resharper, Rider

3 products

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Jetbrains Dottrace	Before 2025.2.5
Jetbrains Resharper	Before 2025.2.5
Jetbrains Rider	Before 2025.2.5

Related CWEs

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.

Time-of-check Time-of-use (TOCTOU) Race Condition

The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. This can cause the product to perform invalid actions when the resource is in an unexpected state.

References (1)

https://www.jetbrains.com/privacy-security/issues-fixed/

Source: cve@jetbrains.com

Vendor Advisory

Timeline

No history available yet.