June 5, 2026

CVE Watchtower


← Back to CVE List

CVE-2026-49385NVD

Vulnerability Summary

In JetBrains YouTrack before 2026.1.13570 improper access control allowed low-privileged users to modify service accounts
Severity Level
MEDIUM(6.5)
Published Date
May 29, 2026
Last Modified
Jun 1, 2026
Exploitation Status
UNKNOWN
Root Weakness (CWE)
CWE-862: Missing Authorization β†—
The software does not perform an authorization check when an actor attempts to access a resource or perform an action.
EPSS Score (30-Day)
0.00%Probability
CVSS v3.1 Base Metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityHigh
AvailabilityNone

External References