CSS Injection Vulnerability in JetBrains YouTrack
CVE-2026-59791

3.5LOW

Key Information:

Vendor

Jetbrains

Status
Vendor
CVE Published:
10 July 2026

What is CVE-2026-59791?

A CSS injection vulnerability exists in JetBrains YouTrack versions prior to 2026.2.17012, allowing potential attackers to exploit the application through malicious Mermaid diagram rendering. This vulnerability can lead to unauthorized display of content, affecting the integrity of the application interface and posing a risk to user security.

Affected Version(s)

YouTrack 0 < 2026.2.17012

References

CVSS V3.1

Score:
3.5
Severity:
LOW
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.