Jetbrains: Security Vulnerabilities
In JetBrains TeamCity before 2025.11 stored XSS was possible via session attribute
CVSS Score
4.6
EPSS Score
0.001
Published
2025-12-11
In JetBrains TeamCity before 2025.11 path traversal was possible via file upload
CVSS Score
3.8
EPSS Score
0.0
Published
2025-12-11
In JetBrains YouTrack before 2025.3.104432 a race condition allowed bypass of helpdesk Agent limit
CVSS Score
2.7
EPSS Score
0.0
Published
2025-11-11
In JetBrains YouTrack before 2025.3.104432 missing TLS certificate validation enabled data disclosure
CVSS Score
8.1
EPSS Score
0.0
Published
2025-11-10
In JetBrains ReSharper before 2025.2.4 missing signature verification in DPA Collector allows local privilege escalation
CVSS Score
8.4
EPSS Score
0.0
Published
2025-11-10
In JetBrains Hub before 2025.3.104992 a race condition allowed bypass of the user limit via invitations
CVSS Score
2.7
EPSS Score
0.0
Published
2025-11-10
In JetBrains Hub before 2025.3.104432 a race condition allowed bypass of the Agent-user limit
CVSS Score
2.7
EPSS Score
0.0
Published
2025-11-10
In JetBrains Hub before 2025.3.104432 information disclosure was possible via the Users API
CVSS Score
5.3
EPSS Score
0.0
Published
2025-11-10
In JetBrains YouTrack before 2025.3.104432 information disclosure was possible via the feedback form
CVSS Score
4.3
EPSS Score
0.0
Published
2025-11-10
In JetBrains TeamCity before 2025.07.2 missing Git URL validation allowed credential leakage on Windows
CVSS Score
7.7
EPSS Score
0.0
Published
2025-09-17