What is the CVSS score of CVE-2026-32229?

CVE-2026-32229 has a CVSS 3.1 base score of 6.8 (Medium). CVSS vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N. EPSS exploitation probability: 0.0%.

Which versions of Hub are affected by CVE-2026-32229?

Organizations using JetBrains Hub should be aware of notable risk from CVE-2026-32229 rated CVSS 6.8. Exploitation could compromise the security of affected deployments.

Hub CVE-2026-32229

MEDIUM

Authentication Bypass by Spoofing (CWE-290)

2026-03-11 cve@jetbrains.com

Authentication Bypass Hub

6.8

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

6.8 MEDIUM

AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

Attack Vector

Network

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 22:06 vuln.today

CVE Published

Mar 11, 2026 - 15:16 nvd

MEDIUM 6.8

DescriptionCVE.org

In JetBrains Hub before 2026.1 possible on sign-in account mismatch with non-SSO auth and 2FA disabled

AnalysisAI

JetBrains Hub versions prior to 2026.1 contain an authentication bypass vulnerability where attackers with valid credentials can gain unauthorized access to accounts through sign-in mismatches when SSO is disabled and two-factor authentication is not configured. An authenticated attacker can exploit this to achieve both confidentiality and integrity violations. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Vulnerability AssessmentAI

Risk Assessment	CVSS 6.8 (MEDIUM). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	An attacker could exploit this vulnerability to compromise the affected system.
Remediation	Monitor vendor advisories for a patch. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 30 days: Identify affected systems running JetBrains Hub and apply vendor patches as part of regular patch cycle. …

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-32229 vulnerability details – vuln.today

Back

Hub CVE-2026-32229

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Unlock full vulnerability intelligence

Vulnerability AssessmentAI

Recommended ActionAI

Share

External POC / Exploit Code