This page lists publicly disclosed CVE vulnerabilities affecting jetbrains hub (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-56142 | In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 privilege escalation by attaching authentication details to accounts was possible | [email protected] | 9.9 | 0.41% | 2026-06-19 | 2026-06-26 |
| CVE-2026-56141 | In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 account takeover via predictable restore codes was possible | [email protected] | 9.8 | 0.36% | 2026-06-19 | 2026-06-26 |
| CVE-2026-50242 | In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 authentication bypass via direct database access leading to administrative access was possible | [email protected] | 10.0 | 0.44% | 2026-06-19 | 2026-06-26 |
| CVE-2026-32229 | In JetBrains Hub before 2026.1 possible on sign-in account mismatch with non-SSO auth and 2FA disabled | [email protected] | 6.8 | 0.17% | 2026-03-11 | 2026-06-17 |
| CVE-2026-25848 | In JetBrains Hub before 2025.3.119807 authentication bypass allowing administrative actions was possible | [email protected] | 9.1 | 0.43% | 2026-02-09 | 2026-06-17 |
| CVE-2025-64683 | In JetBrains Hub before 2025.3.104432 information disclosure was possible via the Users API | [email protected] | 5.3 | 0.18% | 2025-11-10 | 2026-06-17 |
| CVE-2025-64682 | In JetBrains Hub before 2025.3.104432 a race condition allowed bypass of the Agent-user limit | [email protected] | 2.7 | 0.15% | 2025-11-10 | 2026-06-17 |
| CVE-2025-64681 | In JetBrains Hub before 2025.3.104992 a race condition allowed bypass of the user limit via invitations | [email protected] | 2.7 | 0.16% | 2025-11-10 | 2026-06-17 |
| CVE-2025-24456 | In JetBrains Hub before 2024.3.55417 privilege escalation was possible via LDAP authentication mapping | [email protected] | 6.7 | 0.27% | 2025-01-21 | 2026-06-17 |
| CVE-2024-50573 | In JetBrains Hub before 2024.3.47707 improper access control allowed users to generate permanent tokens for unauthorized services | [email protected] | 4.3 | 0.21% | 2024-10-28 | 2026-06-17 |
| CVE-2024-38507 | In JetBrains Hub before 2024.2.34646 stored XSS via project description was possible | [email protected] | 3.5 | 0.24% | 2024-06-18 | 2026-06-17 |
| CVE-2022-48477 | In JetBrains Hub before 2023.1.15725 SSRF protection in Auth Module integration was missing | [email protected] | 4.1 | 0.48% | 2023-04-24 | 2026-06-17 |
| CVE-2022-48429 | In JetBrains Hub before 2022.3.15573, 2022.2.15572, 2022.1.15583 reflected XSS in dashboards was possible | [email protected] | 4.6 | 0.60% | 2023-03-27 | 2026-06-17 |
| CVE-2022-45471 | In JetBrains Hub before 2022.3.15181 Throttling was missed when sending emails to a particular email address | [email protected] | 3.5 | 0.52% | 2022-11-18 | 2026-06-17 |
| CVE-2022-34894 | In JetBrains Hub before 2022.2.14799, insufficient access control allowed the hijacking of untrusted services | [email protected] | 3.5 | 0.50% | 2022-07-01 | 2026-06-17 |
| CVE-2022-29811 | In JetBrains Hub before 2022.1.14638 stored XSS via project icon was possible. | [email protected] | 6.1 | 0.45% | 2022-04-28 | 2026-06-17 |
| CVE-2022-25262 | In JetBrains Hub before 2022.1.14434, SAML request takeover was possible. | [email protected] | 9.8 | 1.42% | 2022-02-25 | 2026-06-17 |
| CVE-2022-25260 | JetBrains Hub before 2021.1.14276 was vulnerable to blind Server-Side Request Forgery (SSRF). | [email protected] | 9.1 | 2.35% | 2022-02-25 | 2026-06-17 |
| CVE-2022-25259 | JetBrains Hub before 2021.1.14276 was vulnerable to reflected XSS. | [email protected] | 6.1 | 0.56% | 2022-02-25 | 2026-06-17 |
| CVE-2022-24328 | In JetBrains Hub before 2021.1.13956, an unprivileged user could perform DoS. | [email protected] | 6.5 | 0.79% | 2022-02-25 | 2026-06-17 |