High severity7.5NVD Advisory· Published May 29, 2026· Updated Jun 2, 2026
CVE-2026-49372
CVE-2026-49372
Description
In JetBrains TeamCity before 2026.1, 2025.11.5 unauthenticated SSRF via build status was possible
Affected products
2Patches
Vulnerability mechanics
References
1- www.jetbrains.com/privacy-security/issues-fixed/nvdVendor Advisory
News mentions
1- JetBrains TeamCity: 11 CVEs in Bulk Disclosure — RCE, SSRF, and Credential Leaks Patched in 2026.1Vypr Intelligence · May 29, 2026