HIGH SeverityCVSS 3.18.2CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

CVE-2026-44413

Last updated May 11, 2026 · Published May 11, 2026

← Back to list

Description

In JetBrains TeamCity before 2026.1 2025.11.5 authenticated users could expose server API to unauthorised access

Affected products

1 listed

JetBrains:TeamCity

Mappings

CWE

CWE-306

CAPEC

None listed.

Related

Research

AuthenticationA threat-focused guide to authentication, covering attack paths, design pitfalls, and concrete defenses from…

Guides

JWT Security Best PracticesWhat to validate, rotate, and avoid in real systems.
OAuth 2.0 Security Best PracticesCommon pitfalls in PKCE, tokens, and redirect handling.

Training

Authentication PatternsOAuth 2.1, passkeys, WebAuthn, and JWTs - modern identity for modern apps.

CVE® content © MITRE Corporation. Licensed under the CVE Terms of Use. Terms

Need help?Get in touch.