CVE-2026-25848

CRITICAL
2026-02-09 [email protected]
9.1
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 21:54 vuln.today
CVE Published
Feb 09, 2026 - 11:16 nvd
CRITICAL 9.1

Tags

Authentication Bypass Hub

Description

In JetBrains Hub before 2025.3.119807 authentication bypass allowing administrative actions was possible

Analysis

JetBrains Hub before 2025.3.119807 has an authentication bypass allowing administrative actions without proper credentials.

Sign in for full analysis, threat intelligence, and remediation guidance.

Remediation

Within 24 hours: Inventory all Hub instances and confirm versions; isolate affected systems from untrusted networks if possible; enable enhanced logging and monitoring for unauthorized access attempts. Within 7 days: Implement network-based access controls restricting Hub administrative functions to trusted IP ranges; apply any available vendor workarounds or hotfixes; establish incident response procedures. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Priority Score

46
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +46
POC: 0

Share

CVE-2026-25848 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy