CVE Catalog

CVE-2026-57921

MediumCVSS 4.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.18%

7th percentile — higher than 7% of all known CVEs

Summary

In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading users' private data via the comment templates endpoint.

Risk Assessment

The risk involves potential exposure of sensitive user information, such as personal data or internal notes, which could compromise privacy and organizational security.

Recommendation

It is recommended to immediately update JetBrains YouTrack to version 2026.2.16593 or later, which includes a fix for this vulnerability.

Original NVD description (English source)

In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading users' private data via the comment templates endpoint

Vulnerability data from NVD (NIST) · CISA KEV · EPSS