Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (547 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-41882 1 Jetbrains 1 Intellij Idea 2026-05-02 7.4 High
In JetBrains IntelliJ IDEA before 2024.3.7.1, 2025.1.7.1, 2025.2.6.2, 2025.3.4.1, 2026.1.1 reading arbitrary local files was possible via built-in web server
CVE-2026-41153 1 Jetbrains 1 Junie 2026-04-27 5.8 Medium
In JetBrains Junie before 252.549.29 command execution was possible via malicious project file
CVE-2024-27199 1 Jetbrains 1 Teamcity 2026-04-21 7.3 High
In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible
CVE-2026-33392 1 Jetbrains 1 Youtrack 2026-04-20 7.2 High
In JetBrains YouTrack before 2025.3.131383 high privileged user can achieve RCE via sandbox bypass
CVE-2026-25848 1 Jetbrains 1 Hub 2026-04-18 9.1 Critical
In JetBrains Hub before 2025.3.119807 authentication bypass allowing administrative actions was possible
CVE-2026-28196 1 Jetbrains 1 Teamcity 2026-04-18 2.3 Low
In JetBrains TeamCity before 2025.11.3 disabling versioned settings left a credentials config on disk
CVE-2026-25846 1 Jetbrains 1 Youtrack 2026-04-17 6.5 Medium
In JetBrains YouTrack before 2025.3.119033 access tokens could be exposed in Mailbox logs
CVE-2026-25847 1 Jetbrains 1 Pycharm 2026-04-17 8.2 High
In JetBrains PyCharm before 2025.3.2 a DOM-based XSS on Jupyter viewer page was possible
CVE-2026-28193 1 Jetbrains 1 Youtrack 2026-04-17 8.8 High
In JetBrains YouTrack before 2025.3.121962 apps were able to send requests to the app permissions endpoint
CVE-2026-28194 1 Jetbrains 1 Teamcity 2026-04-17 4.3 Medium
In JetBrains TeamCity before 2025.11.3 open redirect was possible in the React project creation flow
CVE-2026-28195 1 Jetbrains 1 Teamcity 2026-04-17 4.3 Medium
In JetBrains TeamCity before 2025.11.3 missing authorization allowed project developers to add parameters to build configurations
CVE-2026-32229 1 Jetbrains 1 Hub 2026-04-16 6.8 Medium
In JetBrains Hub before 2026.1 possible on sign-in account mismatch with non-SSO auth and 2FA disabled
CVE-2026-32745 1 Jetbrains 1 Datalore 2026-04-02 6.3 Medium
In JetBrains Datalore before 2026.1 session hijacking was possible due to missing secure attribute for cookie settings
CVE-2025-43012 1 Jetbrains 1 Toolbox 2026-02-26 8.3 High
In JetBrains Toolbox App before 2.6 command injection in SSH plugin was possible
CVE-2025-54530 1 Jetbrains 1 Teamcity 2026-02-26 7.5 High
In JetBrains TeamCity before 2025.07 privilege escalation was possible due to incorrect directory permissions
CVE-2025-54531 1 Jetbrains 1 Teamcity 2026-02-26 7.7 High
In JetBrains TeamCity before 2025.07 path traversal was possible via plugin unpacking on Windows
CVE-2025-57729 1 Jetbrains 1 Intellij Idea 2026-02-26 6.5 Medium
In JetBrains IntelliJ IDEA before 2025.2 unexpected plugin startup was possible due to automatic LSP server start
CVE-2025-57732 1 Jetbrains 1 Teamcity 2026-02-26 7.5 High
In JetBrains TeamCity before 2025.07.1 privilege escalation was possible due to incorrect directory ownership
CVE-2025-58334 1 Jetbrains 1 Ide Services 2026-02-26 8.1 High
In JetBrains IDE Services before 2025.5.0.1086, 2025.4.2.2164 users without appropriate permissions could assign high-privileged role for themselves
CVE-2025-64685 1 Jetbrains 1 Youtrack 2026-02-26 8.1 High
In JetBrains YouTrack before 2025.3.104432 missing TLS certificate validation enabled data disclosure