Improper Authorization Vulnerability in JetBrains YouTrack Product
CVE-2026-57923

5.3MEDIUM

Key Information:

Vendor: Jetbrains
Status: Youtrack
Vendor: CVE Published:; 26 June 2026

What is CVE-2026-57923?

JetBrains YouTrack prior to version 2026.2.16593 contains a vulnerability that permits unauthorized modifications to project settings through the app configurations endpoint. This flaw can compromise the integrity of project configurations, allowing attackers to alter essential settings without appropriate access permissions. Users are advised to upgrade to the latest version to mitigate the risks associated with this vulnerability.

Affected Version(s)

YouTrack 0 < 2026.2.16593

References

https://www.jetbrains.com/privacy-security/issues-fixed/

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 26, 2026
Vulnerability Reserved
Jun 26, 2026

CVE-2026-57923 Data

JSON

Jetbrains

What is CVE-2026-57923?

Affected Version(s)

References

CVSS V3.1

Timeline