Jetbrains: >> Teamcity >> 2.0 Security Vulnerabilities
In JetBrains TeamCity before 2026.1 stored XSS on the SAML login page was possible
CVSS Score
3.4
EPSS Score
0.0
Published
2026-05-29
In JetBrains TeamCity before 2026.1,
2025.11.5 unauthenticated SSRF via build status was possible
CVSS Score
7.5
EPSS Score
0.0
Published
2026-05-29
In JetBrains TeamCity before 2026.1 remote code execution was possible via Perforce connection settings
CVSS Score
7.1
EPSS Score
0.0
Published
2026-05-29
In JetBrains TeamCity before 2026.1 improper permission checks exposed build configuration parameters
CVSS Score
7.6
EPSS Score
0.0
Published
2026-05-29
In JetBrains TeamCity before 2026.1,
2025.11.5 reflected XSS was possible on the repository download page
CVSS Score
6.1
EPSS Score
0.001
Published
2026-05-29
In JetBrains TeamCity before 2026.1 insufficient username validation in the SAML plugin
CVSS Score
6.5
EPSS Score
0.0
Published
2026-05-29
In JetBrains TeamCity before 2025.11.2 exposure of sensitive data via default agent parameters
CVSS Score
4.3
EPSS Score
0.0
Published
2026-05-29
In JetBrains TeamCity before 2026.1 credentials parameters were exposed via parameter autocompletion
CVSS Score
4.3
EPSS Score
0.0
Published
2026-05-29
In JetBrains TeamCity before 2026.1 credentials could be exposed in thread names
CVSS Score
6.5
EPSS Score
0.0
Published
2026-05-29
In JetBrains TeamCity before 2026.1 open redirect in the SAML plugin was possible
CVSS Score
3.1
EPSS Score
0.0
Published
2026-05-29
Page 1