VYPR

Teamcity

by Jetbrains

Source repositories

CVEs (267)

  • CVE-2024-27199HigKEVMar 4, 2024
    risk 0.73cvss 7.3epss 1.00

    In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible

  • CVE-2026-44413HigMay 11, 2026
    risk 0.53cvss 8.2epss 0.00

    In JetBrains TeamCity before 2026.1 2025.11.5 authenticated users could expose server API to unauthorised access

  • CVE-2026-49374HigMay 29, 2026
    risk 0.49cvss 7.6epss 0.00

    In JetBrains TeamCity before 2026.1 improper permission checks exposed build configuration parameters

  • CVE-2026-49372HigMay 29, 2026
    risk 0.49cvss 7.5epss 0.00

    In JetBrains TeamCity before 2026.1, 2025.11.5 unauthenticated SSRF via build status was possible

  • CVE-2026-49373HigMay 29, 2026
    risk 0.46cvss 7.1epss 0.00

    In JetBrains TeamCity before 2026.1 remote code execution was possible via Perforce connection settings

  • CVE-2026-49371HigMay 29, 2026
    risk 0.46cvss 7.1epss 0.00

    In JetBrains TeamCity before 2026.1.1 reflected XSS in the keyword filter was possible

  • CVE-2026-49379MedMay 29, 2026
    risk 0.42cvss 6.5epss 0.00

    In JetBrains TeamCity before 2026.1 credentials could be exposed in thread names

  • CVE-2026-49376MedMay 29, 2026
    risk 0.42cvss 6.5epss 0.00

    In JetBrains TeamCity before 2026.1 insufficient username validation in the SAML plugin

  • CVE-2026-49375MedMay 29, 2026
    risk 0.40cvss 6.1epss 0.00

    In JetBrains TeamCity before 2026.1, 2025.11.5 reflected XSS was possible on the repository download page

  • CVE-2026-49378MedMay 29, 2026
    risk 0.28cvss 4.3epss 0.00

    In JetBrains TeamCity before 2026.1 credentials parameters were exposed via parameter autocompletion

  • CVE-2026-49377MedMay 29, 2026
    risk 0.28cvss 4.3epss 0.01

    In JetBrains TeamCity before 2025.11.2 exposure of sensitive data via default agent parameters

  • CVE-2024-27198KEVMar 4, 2024
    risk 0.28cvss epss 1.00

    In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible

  • CVE-2023-42793KEVSep 19, 2023
    risk 0.28cvss epss 1.00

    In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible

  • CVE-2026-49381LowMay 29, 2026
    risk 0.22cvss 3.4epss 0.00

    In JetBrains TeamCity before 2026.1 stored XSS on the SAML login page was possible

  • CVE-2026-49380LowMay 29, 2026
    risk 0.20cvss 3.1epss 0.00

    In JetBrains TeamCity before 2026.1 open redirect in the SAML plugin was possible

  • CVE-2024-23917Feb 6, 2024
    risk 0.06cvss epss 0.54

    In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible

  • CVE-2024-43810Aug 16, 2024
    risk 0.04cvss epss 0.00

    In JetBrains TeamCity before 2024.07.1 reflected XSS was possible in the AWS Core plugin

  • CVE-2024-41825Jul 22, 2024
    risk 0.04cvss epss 0.00

    In JetBrains TeamCity before 2024.07 stored XSS was possible on the Code Inspection tab

  • CVE-2024-36374May 29, 2024
    risk 0.04cvss epss 0.00

    In JetBrains TeamCity before 2024.03.2 stored XSS via build step settings was possible

  • CVE-2024-36373May 29, 2024
    risk 0.04cvss epss 0.00

    In JetBrains TeamCity before 2024.03.2 several stored XSS in untrusted builds settings were possible

Page 1 of 14