CVE-2026-56142

CVSS 9.6 CRITICALEPSS 0.4%CWE-915

Vexday Risk Score

28Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 9.6EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

19 Jun 2026Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 privilege escalation by attaching authentication details to accounts was possible

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Affected products

JetBrains · Hub

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.jetbrains.com/privacy-security/issues-fixed/