What is the CVSS score of EUVD-2026-23386?

EUVD-2026-23386 has a CVSS 3.1 base score of 7.2 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of Ssti are affected by EUVD-2026-23386?

CVE-2026-33392 affects JetBrains YouTrack and allows authenticated administrators to execute arbitrary code on the server by bypassing sandbox protections through server-side template injection.. A patch is available.

How to fix or mitigate EUVD-2026-23386?

Within 24 hours: identify all YouTrack instances and document current versions; restrict administrative access to YouTrack to essential personnel only and enforce multi-factor authentication on all admin accounts. Within 7 days: implement network segmentation to isolate YouTrack from critical infrastructure; disable or restrict server-side template functionality if configuration options exist; conduct access review of all admin accounts created or modified in the past 90 days. Within 30 days: monitor JetBrains security advisories daily for patch availability for versions before 2025.3.131383; develop contingency plan for YouTrack replacement or air-gapping if patch timeline extends beyond acceptable risk window; perform audit logs review for suspicious administrative activity.

Ssti EUVD-2026-23386

| CVE-2026-33392 HIGH

Improper Neutralization of Special Elements Used in a Template Engine (CWE-1336)

2026-04-17 JetBrains

Authentication Bypass Ssti

7.2

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Patch released

Apr 20, 2026 - 20:18 nvd

Patch available

Re-analysis Queued

Apr 17, 2026 - 15:22 vuln.today

cvss_changed

Patch available

Apr 17, 2026 - 09:01 EUVD

Analysis Generated

Apr 17, 2026 - 08:22 vuln.today

EUVD ID Assigned

Apr 17, 2026 - 08:15 euvd

EUVD-2026-23386

Analysis Generated

Apr 17, 2026 - 08:15 vuln.today

CVE Published

Apr 17, 2026 - 07:46 nvd

HIGH 7.2

DescriptionNVD

In JetBrains YouTrack before 2025.3.131383 high privileged user can achieve RCE via sandbox bypass

AnalysisAI

Sandbox escape in JetBrains YouTrack before 2025.3.131383 allows high-privileged users to execute arbitrary code on the server. The vulnerability affects all YouTrack versions prior to 2025.3.131383 and is classified as both an authentication bypass and server-side template injection (SSTI). …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Recon

Compromise admin credentials

Delivery

Authenticate to YouTrack

Exploit

Access template/workflow editor

Install

Inject SSTI payload

Bypass sandbox restrictions

Execute

Execute arbitrary code

Impact

Achieve full system compromise

Recon

Compromise admin credentials

Delivery

Authenticate to YouTrack

Exploit

Access template/workflow editor

Install

Inject SSTI payload

Bypass sandbox restrictions

Execute

Execute arbitrary code

Impact

Achieve full system compromise

Vulnerability AssessmentAI

Exploitation	Requires valid credentials for a high-privileged YouTrack user account with administrative permissions (PR:H in CVSS vector). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment	Real-world risk is moderate despite the 7.2 CVSS score. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	An attacker who has compromised an administrative account (through credential theft, social engineering, or prior system compromise) authenticates to the YouTrack web interface. They navigate to workflow customization, custom field configuration, or issue template editing features and inject malicious template directives that escape the security sandbox. …
Remediation	Upgrade JetBrains YouTrack to version 2025.3.131383 or later, which contains the vendor-released patch for this sandbox bypass vulnerability. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: identify all YouTrack instances and document current versions; restrict administrative access to YouTrack to essential personnel only and enforce multi-factor authentication on all admin accounts. …

Threat intelligence, references, and detailed analysis are available after sign-in.