VYPR

PyCharm

by Jetbrains

CVEs (7)

  • CVE-2021-30005HigMay 11, 2021
    risk 0.51cvss 7.8epss 0.01

    In JetBrains PyCharm before 2020.3.4, local code execution was possible because of insufficient checks when getting the project from VCS.

  • CVE-2020-11694HigApr 10, 2020
    risk 0.49cvss 7.5epss 0.02

    In JetBrains PyCharm 2019.2.5 and 2019.3 on Windows, Apple Notarization Service credentials were included. This is fixed in 2019.2.6 and 2019.3.3.

  • CVE-2019-14958HigOct 2, 2019
    risk 0.49cvss 7.5epss 0.02

    JetBrains PyCharm before 2019.2 was allocating a buffer of unknown size for one of the connection processes. In a very specific situation, it could lead to a remote invocation of an OOM error message because of Uncontrolled Memory Allocation.

  • CVE-2026-49384MedMay 29, 2026
    risk 0.40cvss 6.1epss 0.00

    In JetBrains PyCharm before 2025.3.4 stored XSS in Jupyter notebook Markdown cells was possible

  • CVE-2022-29820LowApr 28, 2022
    risk 0.20cvss 3.0epss 0.00

    In JetBrains PyCharm before 2022.1 exposure of the debugger port to the internal network was possible

  • CVE-2024-37051Jun 10, 2024
    risk 0.01cvss epss 0.04

    GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 EAP2; DataGrip 2023.1.3,…

  • CVE-2026-25847Feb 9, 2026
    risk 0.00cvss epss 0.00

    In JetBrains PyCharm before 2025.3.2 a DOM-based XSS on Jupyter viewer page was possible