Authentication Bypass Vulnerability in JetBrains YouTrack
CVE-2026-62422

10CRITICAL

Key Information:

Vendor

Jetbrains

Status
Vendor
CVE Published:
14 July 2026

What is CVE-2026-62422?

JetBrains YouTrack versions prior to 2026.1.13757 are susceptible to an authentication bypass vulnerability. This flaw allows attackers to gain administrative access through direct database access without proper authentication. This presents significant security risks, as unauthorized users can manipulate data and systems, making it essential for users to update their installations promptly to safeguard against potential exploitation. For more information, visit JetBrains' official security page.

Affected Version(s)

YouTrack 0 < 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429

References

CVSS V3.1

Score:
10
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.