CVE-2026-49370
- EPSS 0.23%
- Veröffentlicht 29.05.2026 18:15:47
- Zuletzt bearbeitet 01.06.2026 12:52:41
In JetBrains YouTrack before 2026.1.13162 information disclosure was possible on fetchApp requests
CVE-2026-49368
- EPSS 0.2%
- Veröffentlicht 29.05.2026 18:15:46
- Zuletzt bearbeitet 01.06.2026 12:56:25
In JetBrains YouTrack before 2026.1.13162 stored XSS in project notification templates was possible
CVE-2026-49369
- EPSS 0.2%
- Veröffentlicht 29.05.2026 18:15:46
- Zuletzt bearbeitet 01.06.2026 12:56:04
In JetBrains YouTrack before 2026.1.13162 information disclosure was possible on Users and Groups pages
CVE-2026-33392
- EPSS 0.43%
- Veröffentlicht 17.04.2026 07:46:11
- Zuletzt bearbeitet 20.04.2026 20:18:22
In JetBrains YouTrack before 2025.3.131383 high privileged user can achieve RCE via sandbox bypass
CVE-2026-28193
- EPSS 0.24%
- Veröffentlicht 25.02.2026 12:57:27
- Zuletzt bearbeitet 26.02.2026 15:59:53
In JetBrains YouTrack before 2025.3.121962 apps were able to send requests to the app permissions endpoint
CVE-2026-25846
- EPSS 0.87%
- Veröffentlicht 09.02.2026 10:38:59
- Zuletzt bearbeitet 18.02.2026 20:48:14
In JetBrains YouTrack before 2025.3.119033 access tokens could be exposed in Mailbox logs
CVE-2025-64773
- EPSS 0.21%
- Veröffentlicht 11.11.2025 15:23:19
- Zuletzt bearbeitet 11.12.2025 19:16:00
In JetBrains YouTrack before 2025.3.104432 a race condition allowed bypass of helpdesk Agent limit
CVE-2025-64690
- EPSS 0%
- Veröffentlicht 10.11.2025 13:28:02
- Zuletzt bearbeitet 02.12.2025 11:17:57
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it relates to internal functionality that is not available to customers.
CVE-2025-64689
- EPSS 0%
- Veröffentlicht 10.11.2025 13:28:01
- Zuletzt bearbeitet 02.12.2025 11:17:29
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it relates to internal functionality that is not available to customers.
CVE-2025-64687
- EPSS 0%
- Veröffentlicht 10.11.2025 13:27:59
- Zuletzt bearbeitet 02.12.2025 11:16:29
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it was fixed before public disclosure and did not affect any released versions.