JetBrains

YouTrack

107 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2026-28193

  • EPSS 0%
  • Veröffentlicht 25.02.2026 12:57:27
  • Zuletzt bearbeitet 26.02.2026 15:59:53

In JetBrains YouTrack before 2025.3.121962 apps were able to send requests to the app permissions endpoint

6.5

CVE-2026-25846

  • EPSS 0%
  • Veröffentlicht 09.02.2026 10:38:59
  • Zuletzt bearbeitet 18.02.2026 20:48:14

In JetBrains YouTrack before 2025.3.119033 access tokens could be exposed in Mailbox logs

3.7

CVE-2025-64773

  • EPSS 0%
  • Veröffentlicht 11.11.2025 15:23:19
  • Zuletzt bearbeitet 11.12.2025 19:16:00

In JetBrains YouTrack before 2025.3.104432 a race condition allowed bypass of helpdesk Agent limit

6.5

CVE-2025-64690

  • EPSS 0%
  • Veröffentlicht 10.11.2025 13:28:02
  • Zuletzt bearbeitet 02.12.2025 11:17:57

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it relates to internal functionality that is not available to customers.

7.5

CVE-2025-64689

  • EPSS 0%
  • Veröffentlicht 10.11.2025 13:28:01
  • Zuletzt bearbeitet 02.12.2025 11:17:29

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it relates to internal functionality that is not available to customers.

5.3

CVE-2025-64687

  • EPSS 0%
  • Veröffentlicht 10.11.2025 13:27:59
  • Zuletzt bearbeitet 02.12.2025 11:16:29

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it was fixed before public disclosure and did not affect any released versions.

7.3

CVE-2025-64688

  • EPSS 0.01%
  • Veröffentlicht 10.11.2025 13:27:59
  • Zuletzt bearbeitet 02.12.2025 11:17:02

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it relates to internal functionality that is not available to customers.

7.5

CVE-2025-64685

  • EPSS 0%
  • Veröffentlicht 10.11.2025 13:27:58
  • Zuletzt bearbeitet 21.11.2025 16:03:45

In JetBrains YouTrack before 2025.3.104432 missing TLS certificate validation enabled data disclosure

5.3

CVE-2025-64686

  • EPSS 0.01%
  • Veröffentlicht 10.11.2025 13:27:58
  • Zuletzt bearbeitet 02.12.2025 11:15:51

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it was fixed before public disclosure and did not affect any released versions.

7.5

CVE-2025-64684

  • EPSS 0%
  • Veröffentlicht 10.11.2025 13:27:57
  • Zuletzt bearbeitet 21.11.2025 16:04:15

In JetBrains YouTrack before 2025.3.104432 information disclosure was possible via the feedback form