Authorization Context Vulnerability in JetBrains YouTrack
CVE-2025-64686

3.1LOW

Key Information:

Vendor: Jetbrains
Status: Youtrack
Vendor: CVE Published:; 10 November 2025

What is CVE-2025-64686?

JetBrains YouTrack prior to version 2025.3.104432 has a vulnerability where a failure to properly clean up user principal data can result in the unintended reuse of authorization contexts. This issue could allow malicious users to gain unauthorized access to certain functionalities or privileged information that should otherwise be protected.

Affected Version(s)

YouTrack 0 < 2025.3.104432

References

https://www.jetbrains.com/privacy-security/issues-fixed/

CVSS V3.1

Score:

3.1

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 10, 2025
Vulnerability Reserved
Nov 7, 2025

JSON

Jetbrains

What is CVE-2025-64686?

Affected Version(s)

References

CVSS V3.1

Timeline