Sign in Subscribe

← All advisories

Unrated severityNVD Advisory· Published Feb 25, 2026· Updated Feb 25, 2026

CVE-2026-28195

CVE-2026-28195

Description

In JetBrains TeamCity before 2025.11.3 missing authorization allowed project developers to add parameters to build configurations

Affected products

1

Jetbrains/Teamcityv5
Range: 0

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

www.jetbrains.com/privacy-security/issues-fixed/mitre

News mentions

3

Living Off the Pipeline: Defending Against CI/CD Subversion
SentinelOne Labs · May 15, 2026
JetBrains TeamCity vulnerability allows privilege escalation, API exposure (CVE-2026-44413)
Help Net Security · May 12, 2026
Storm-1175 Exploits Flaws in High-Velocity Medusa Attacks
Infosecurity Magazine · Apr 7, 2026