Project Settings Disclosure in JetBrains YouTrack
CVE-2026-57922

3.1LOW

Key Information:

Vendor

Jetbrains
Status
Youtrack
Vendor
CVE Published:
26 June 2026

What is CVE-2026-57922?

The vulnerability in JetBrains YouTrack allows unauthorized access to sensitive project settings through the Management Control Panel (MCP). This issue enables potential attackers to view confidential project information, compromising user security and data integrity. Users are encouraged to update to the latest version to mitigate risks associated with this flaw.

Affected Version(s)

YouTrack 0 < 2026.2.16593

References

https://www.jetbrains.com/privacy-security/issues-fixed/

CVSS V3.1

Score:
3.1
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.