EUVD-2026-23386

| CVE-2026-33392 HIGH
2026-04-17 JetBrains
Authentication Bypass Ssti Youtrack
7.2
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
patch_available
Apr 17, 2026 - 09:01 EUVD
Analysis Generated
Apr 17, 2026 - 08:22 vuln.today

DescriptionNVD

In JetBrains YouTrack before 2025.3.131383 high privileged user can achieve RCE via sandbox bypass

AnalysisAI

Remote code execution in JetBrains YouTrack versions before 2025.3.131383 allows high-privileged authenticated users to bypass sandbox protections and execute arbitrary code on the server. CVSS 7.2 reflects network accessibility with low attack complexity but requires high privileges (administrative access). …

Sign in for full analysis, threat intelligence, and remediation guidance.

RemediationAI

Within 24 hours: identify all YouTrack instances and document current versions; restrict administrative access to YouTrack to essential personnel only and enforce multi-factor authentication on all admin accounts. Within 7 days: implement network segmentation to isolate YouTrack from critical infrastructure; disable or restrict server-side template functionality if configuration options exist; conduct access review of all admin accounts created or modified in the past 90 days. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Share

EUVD-2026-23386 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy