Data Disclosure Vulnerability in JetBrains YouTrack Software
CVE-2025-64685

8.1HIGH

Key Information:

Vendor: Jetbrains
Status: Youtrack
Vendor: CVE Published:; 10 November 2025

What is CVE-2025-64685?

JetBrains YouTrack, a popular issue tracker and project management tool, is susceptible to a data disclosure vulnerability due to insufficient TLS certificate validation. This flaw allows unauthorized data access, putting sensitive information at risk. Users of versions prior to 2025.3.104432 should take immediate action to update their software to mitigate exposure to potential data breaches.

Affected Version(s)

YouTrack 0 < 2025.3.104432

References

https://www.jetbrains.com/privacy-security/issues-fixed/

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 10, 2025
Vulnerability Reserved
Nov 7, 2025

JSON

Jetbrains

What is CVE-2025-64685?

Affected Version(s)

References

CVSS V3.1

Timeline