Improper Access Control in JetBrains YouTrack Affects Data Integrity
CVE-2026-57925

4.3MEDIUM

Key Information:

Vendor

Jetbrains
Status
Youtrack
Vendor
CVE Published:
26 June 2026

What is CVE-2026-57925?

In JetBrains YouTrack versions prior to 2026.2.16593, a vulnerability exists that allows unauthorized access to saved queries and tags due to improper access control mechanisms. This inadequacy can potentially lead to sensitive information exposure, impacting user privacy and data integrity. Users of affected versions are recommended to upgrade to the latest version to mitigate these risks and secure their data.

Affected Version(s)

YouTrack 0 < 2026.2.16593

References

https://www.jetbrains.com/privacy-security/issues-fixed/

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.