Code Execution Vulnerability in JetBrains IntelliJ IDEA Copyright Plugin
CVE-2026-49382

4.5MEDIUM

Key Information:

Vendor: Jetbrains
Status: Intellij Idea
Vendor: CVE Published:; 29 May 2026

What is CVE-2026-49382?

A code execution vulnerability has been identified in the Copyright plugin of JetBrains IntelliJ IDEA prior to version 2026.1. This vulnerability allows attackers to exploit template injection flaws, potentially leading to unauthorized code execution within the software environment. Users are advised to update to the latest version to mitigate the risk associated with this issue.

Affected Version(s)

IntelliJ IDEA 0 < 2026.1

References

https://www.jetbrains.com/privacy-security/issues-fixed/

CVSS V3.1

Score:

4.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 29, 2026
Vulnerability Reserved
May 29, 2026

CVE-2026-49382 Data

JSON

Jetbrains

What is CVE-2026-49382?

Affected Version(s)

References

CVSS V3.1

Timeline