Jetbrains

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-49386 1Jetbrains 1Youtrack Jun 1, 2026 May 29, 2026 N/A· v4 6.5 MEDIUM· v3 N/A· v2 In JetBrains YouTrack before 2026.1.13570 improper access control allowed enumeration of restricted issues and articles on Planning Canvas
CVE-2026-49385 1Jetbrains 1Youtrack Jun 1, 2026 May 29, 2026 N/A· v4 6.5 MEDIUM· v3 N/A· v2 In JetBrains YouTrack before 2026.1.13570 improper access control allowed low-privileged users to modify service accounts
CVE-2026-49384 1Jetbrains 1Pycharm Jun 1, 2026 May 29, 2026 N/A· v4 6.1 MEDIUM· v3 N/A· v2 In JetBrains PyCharm before 2025.3.4 stored XSS in Jupyter notebook Markdown cells was possible
CVE-2026-49383 1Jetbrains 1Intellij Idea Jun 1, 2026 May 29, 2026 N/A· v4 3.3 LOW· v3 N/A· v2 In JetBrains IntelliJ IDEA before 2026.1 xXE in the UI Designer form parser was possible
CVE-2026-49382 1Jetbrains 1Intellij Idea Jun 1, 2026 May 29, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 In JetBrains IntelliJ IDEA before 2026.1 code execution was possible via template injection in the Copyright plugin
CVE-2026-49381 1Jetbrains 1Teamcity Jun 2, 2026 May 29, 2026 N/A· v4 4.8 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2026.1 stored XSS on the SAML login page was possible
CVE-2026-49380 1Jetbrains 1Teamcity Jun 2, 2026 May 29, 2026 N/A· v4 6.1 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2026.1 open redirect in the SAML plugin was possible
CVE-2026-49379 1Jetbrains 1Teamcity Jun 2, 2026 May 29, 2026 N/A· v4 6.5 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2026.1 credentials could be exposed in thread names
CVE-2026-49378 1Jetbrains 1Teamcity Jun 2, 2026 May 29, 2026 N/A· v4 4.3 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2026.1 credentials parameters were exposed via parameter autocompletion
CVE-2026-49377 1Jetbrains 1Teamcity Jun 2, 2026 May 29, 2026 N/A· v4 4.3 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2025.11.2 exposure of sensitive data via default agent parameters
CVE-2026-49376 1Jetbrains 1Teamcity Jun 2, 2026 May 29, 2026 N/A· v4 6.5 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2026.1 insufficient username validation in the SAML plugin
CVE-2026-49375 1Jetbrains 1Teamcity Jun 2, 2026 May 29, 2026 N/A· v4 6.1 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2026.1, 2025.11.5 reflected XSS was possible on the repository download page
CVE-2026-49374 1Jetbrains 1Teamcity Jun 2, 2026 May 29, 2026 N/A· v4 7.6 HIGH· v3 N/A· v2 In JetBrains TeamCity before 2026.1 improper permission checks exposed build configuration parameters
CVE-2026-49373 1Jetbrains 1Teamcity Jun 2, 2026 May 29, 2026 N/A· v4 8.8 HIGH· v3 N/A· v2 In JetBrains TeamCity before 2026.1 remote code execution was possible via Perforce connection settings
CVE-2026-49372 1Jetbrains 1Teamcity Jun 2, 2026 May 29, 2026 N/A· v4 7.5 HIGH· v3 N/A· v2 In JetBrains TeamCity before 2026.1, 2025.11.5 unauthenticated SSRF via build status was possible
CVE-2026-49371 1Jetbrains 1Teamcity Jun 2, 2026 May 29, 2026 N/A· v4 8.2 HIGH· v3 N/A· v2 In JetBrains TeamCity before 2026.1.1 reflected XSS in the keyword filter was possible
CVE-2026-49370 1Jetbrains 1Youtrack Jun 1, 2026 May 29, 2026 N/A· v4 7.5 HIGH· v3 N/A· v2 In JetBrains YouTrack before 2026.1.13162 information disclosure was possible on fetchApp requests
CVE-2026-49369 1Jetbrains 1Youtrack Jun 1, 2026 May 29, 2026 N/A· v4 4.3 MEDIUM· v3 N/A· v2 In JetBrains YouTrack before 2026.1.13162 information disclosure was possible on Users and Groups pages
CVE-2026-49368 1Jetbrains 1Youtrack Jun 1, 2026 May 29, 2026 N/A· v4 5.4 MEDIUM· v3 N/A· v2 In JetBrains YouTrack before 2026.1.13162 stored XSS in project notification templates was possible
CVE-2026-49367 1Jetbrains 1Intellij Idea Jun 1, 2026 May 29, 2026 N/A· v4 8.8 HIGH· v3 N/A· v2 In JetBrains IntelliJ IDEA before 2026.1.1 command execution was possible via the guest user account

12 3 4 5...29 Next