Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (523 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2025-43012 1 Jetbrains 1 Toolbox 2026-02-26 8.3 High
In JetBrains Toolbox App before 2.6 command injection in SSH plugin was possible
CVE-2025-54530 1 Jetbrains 1 Teamcity 2026-02-26 7.5 High
In JetBrains TeamCity before 2025.07 privilege escalation was possible due to incorrect directory permissions
CVE-2025-54531 1 Jetbrains 1 Teamcity 2026-02-26 7.7 High
In JetBrains TeamCity before 2025.07 path traversal was possible via plugin unpacking on Windows
CVE-2025-57729 1 Jetbrains 1 Intellij Idea 2026-02-26 6.5 Medium
In JetBrains IntelliJ IDEA before 2025.2 unexpected plugin startup was possible due to automatic LSP server start
CVE-2025-57732 1 Jetbrains 1 Teamcity 2026-02-26 7.5 High
In JetBrains TeamCity before 2025.07.1 privilege escalation was possible due to incorrect directory ownership
CVE-2025-58334 1 Jetbrains 1 Ide Services 2026-02-26 8.1 High
In JetBrains IDE Services before 2025.5.0.1086, 2025.4.2.2164 users without appropriate permissions could assign high-privileged role for themselves
CVE-2025-64685 1 Jetbrains 1 Youtrack 2026-02-26 8.1 High
In JetBrains YouTrack before 2025.3.104432 missing TLS certificate validation enabled data disclosure
CVE-2025-64456 1 Jetbrains 1 Resharper 2026-02-26 8.4 High
In JetBrains ReSharper before 2025.2.4 missing signature verification in DPA Collector allows local privilege escalation
CVE-2025-64457 1 Jetbrains 3 Dottrace, Resharper, Rider 2026-02-26 4.2 Medium
In JetBrains ReSharper, Rider and dotTrace before 2025.2.5 local privilege escalation was possible via race condition
CVE-2026-28193 1 Jetbrains 1 Youtrack 2026-02-26 8.8 High
In JetBrains YouTrack before 2025.3.121962 apps were able to send requests to the app permissions endpoint
CVE-2026-25847 1 Jetbrains 1 Pycharm 2026-02-26 8.2 High
In JetBrains PyCharm before 2025.3.2 a DOM-based XSS on Jupyter viewer page was possible
CVE-2026-25848 1 Jetbrains 1 Hub 2026-02-26 9.1 Critical
In JetBrains Hub before 2025.3.119807 authentication bypass allowing administrative actions was possible
CVE-2026-28194 1 Jetbrains 1 Teamcity 2026-02-26 4.3 Medium
In JetBrains TeamCity before 2025.11.3 open redirect was possible in the React project creation flow
CVE-2026-28195 1 Jetbrains 1 Teamcity 2026-02-26 4.3 Medium
In JetBrains TeamCity before 2025.11.3 missing authorization allowed project developers to add parameters to build configurations
CVE-2026-28196 1 Jetbrains 1 Teamcity 2026-02-26 2.3 Low
In JetBrains TeamCity before 2025.11.3 disabling versioned settings left a credentials config on disk
CVE-2020-29582 3 Jetbrains, Oracle, Redhat 7 Kotlin, Communications Cloud Native Core Network Slice Selection Function, Communications Cloud Native Core Policy and 4 more 2026-02-25 5.3 Medium
In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An attacker was able to read data from such files and list directories due to insecure permissions.
CVE-2026-25846 1 Jetbrains 1 Youtrack 2026-02-18 6.5 Medium
In JetBrains YouTrack before 2025.3.119033 access tokens could be exposed in Mailbox logs
CVE-2025-29903 1 Jetbrains 1 Runtime 2026-01-13 5.2 Medium
In JetBrains Runtime before 21.0.6b872.80 arbitrary dynamic library execution due to insecure macOS flags was possible
CVE-2025-64773 1 Jetbrains 1 Youtrack 2025-12-11 2.7 Low
In JetBrains YouTrack before 2025.3.104432 a race condition allowed bypass of helpdesk Agent limit
CVE-2025-64683 1 Jetbrains 1 Hub 2025-11-21 5.3 Medium
In JetBrains Hub before 2025.3.104432 information disclosure was possible via the Users API