CVE-2026-44413 - Vulnerability Analysis
HighCVSS: 8.2Last Updated: May 12, 2026
JetBrains TeamCity - Broken Access Control
Overview
JetBrains TeamCity < 2026.1 contains a broken access control vulnerability caused by improper authorization in server API, letting authenticated users expose server API to unauthorized access, exploit requires user authentication.
Severity & Score
Impact
Authenticated users can access server API without proper authorization, potentially leading to unauthorized data access or actions.
Mitigation
Upgrade to version 2026.1 or later.
Social Media Activity(3 posts)
š° High-Severity Flaw in JetBrains TeamCity On-Premises Allows API Exposure (CVE-2026-44413) PATCH NOW: A high-severity vulnerability (CVE-2026-44413) in JetBrains TeamCity On-Premises allows any authenticated user to expose server APIs. All versions up to 2025.11.4 are affected. Upgrade to 2026.1 immediately. š»š§ #TeamCity #JetBrains #CI/CD š https://cyber.netsecops.io
View original post
š CVE-2026-44413 - High (8.2) In JetBrains TeamCity before 2026.1 2025.11.5 authenticated users could expose server API to unauthorised access š https://www.thehackerwire.com/vulnerability/CVE-2026-44413/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original post
š CVE-2026-44413 - High (8.2) In JetBrains TeamCity before 2026.1 2025.11.5 authenticated users could expose server API to unauthorised access š https://www.thehackerwire.com/vulnerability/CVE-2026-44413/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postRelated Resources
Details
- CVE ID
- CVE-2026-44413
- Severity
- High
- CVSS Score
- 8.2
- Type
- broken_access_control
- Status
- unconfirmed
- EPSS
- 0.2%
- Social Posts
- 3
CWE
- CWE-306
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N