Code Execution Vulnerability in JetBrains Kotlin Product
CVE-2026-53914

6.7 MEDIUM

Key Information:

Vendor: JetBrains

Status
Vendor
CVE Published: 26 June 2026

What is CVE-2026-53914?

JetBrains Kotlin prior to version 2.4.20 is susceptible to a code execution vulnerability due to unsafe deserialization in its build cache metadata. This flaw can allow attackers to execute arbitrary code, potentially compromising user systems. It's essential for users to be aware of this issue and to update to the latest version to protect their development environments.

Affected Version(s)

Kotlin 0 < 2.4.20

CVSS V3.1

Score: 6.7
Severity: MEDIUM
Confidentiality: High
Integrity: Low
Availability: High
Attack Vector: Local
Attack Complexity: High
Privileges Required: High
User Interaction: None
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved
