Teamcity JetBrains Teamcity

  1. Vendors
  2. JetBrains
  3. Teamcity

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in JetBrains Teamcity.

Known Exploited JetBrains Teamcity Vulnerabilities

The following JetBrains Teamcity vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.

Title Description Added
JetBrains TeamCity Authentication Bypass Vulnerability JetBrains TeamCity contains an authentication bypass vulnerability that allows an attacker to perform admin actions.
CVE-2024-27198 Exploit Probability: 94.6% 		March 7, 2024
JetBrains TeamCity Authentication Bypass Vulnerability JetBrains TeamCity contains an authentication bypass vulnerability that allows for remote code execution on TeamCity Server.
CVE-2023-42793 Exploit Probability: 92.9% 		October 4, 2023

Of the known exploited vulnerabilities above, 2 are in the top 1%, or the 99th percentile of the EPSS exploit probability rankings.

By the Year

In 2025 there have been 37 vulnerabilities in JetBrains Teamcity with an average score of 6.9 out of ten. Last year, in 2024 Teamcity had 65 security vulnerabilities published. Right now, Teamcity is on track to have less security vulnerabilities in 2025 than it did last year. However, the average CVE base score of the vulnerabilities in 2025 is greater by 0.62.




Year Vulnerabilities Average Score
2025 37 6.92
2024 65 6.30
2023 35 6.36
2022 29 6.64
2021 37 6.52
2020 18 5.84
2019 20 6.48

It may take a day or so for new Teamcity vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent JetBrains Teamcity Security Vulnerabilities

TeamCity < 2025.07.2 Git URL Validation Flaw Causing Credential Leak on Windows
CVE-2025-59457 7.7 - High - September 17, 2025

In JetBrains TeamCity before 2025.07.2 missing Git URL validation allowed credential leakage on Windows

Allowlist / Allow List

JetBrains TeamCity <2025.07.2 PT on Project Archive Upload
CVE-2025-59456 5.5 - Medium - September 17, 2025

In JetBrains TeamCity before 2025.07.2 path traversal was possible during project archive upload

Relative Path Traversal

JetBrains TeamCity Project Isolation Bypass (Race Cond.)
CVE-2025-59455 4.2 - Medium - September 17, 2025

In JetBrains TeamCity before 2025.07.2 project isolation bypass was possible due to race condition

Race Condition

JetBrains TeamCity <2025.07.1> Privilege Escalation via Wrong Dir Ownership
CVE-2025-57732 - August 20, 2025

In JetBrains TeamCity before 2025.07.1 privilege escalation was possible due to incorrect directory ownership

Improper Ownership Management

TeamCity <2025.07.1 – SMTP Injection via email component
CVE-2025-57733 - August 20, 2025

In JetBrains TeamCity before 2025.07.1 sMTP injection was possible allowing modification of email content

Command Injection

TeamCity <2025.07.1: AWS Creds Leak in Docker Scripts
CVE-2025-57734 - August 20, 2025

In JetBrains TeamCity before 2025.07.1 aWS credentials were exposed in Docker script files

Insertion of Sensitive Information into Externally-Accessible File or Directory

JetBrains TeamCity CSRF in GitHub App flow (before 2025.07)
CVE-2025-54528 8.8 - High - July 28, 2025

In JetBrains TeamCity before 2025.07 a CSRF was possible in GitHub App connection flow

Session Riding

JetBrains TeamCity < 2025.07 CSRF via External OAuth
CVE-2025-54529 7.5 - High - July 28, 2025

In JetBrains TeamCity before 2025.07 a CSRF was possible in external OAuth login integration

Session Riding

JetBrains TeamCity <=2025.06 Priv Escalation via Incorrect Directory Permissions
CVE-2025-54530 9.8 - Critical - July 28, 2025

In JetBrains TeamCity before 2025.07 privilege escalation was possible due to incorrect directory permissions

Incorrect Default Permissions

TeamCity 2025.07 Path Traversal via Plugin Unpacking on Windows
CVE-2025-54531 9.4 - Critical - July 28, 2025

In JetBrains TeamCity before 2025.07 path traversal was possible via plugin unpacking on Windows

Relative Path Traversal

JetBrains TeamCity <2025.07 CSRF on GraphQL Endpoint
CVE-2025-54536 8.8 - High - July 28, 2025

In JetBrains TeamCity before 2025.07 a CSRF was possible on GraphQL endpoint

Session Riding

TeamCity <=2025.07 Improper Access Control - Disclosure of Build Settings
CVE-2025-54532 - July 28, 2025

In JetBrains TeamCity before 2025.07 improper access control allowed disclosure of build settings via snapshot dependencies

AuthZ

TeamCity before 2025.07: Improper Access Control Exposes VCS Build Settings
CVE-2025-54533 - July 28, 2025

In JetBrains TeamCity before 2025.07 improper access control allowed disclosure of build settings via VCS configuration

AuthZ

TeamCity <=2025.07 Reflected XSS on agentpushPreset
CVE-2025-54534 - July 28, 2025

In JetBrains TeamCity before 2025.07 reflected XSS was possible on the agentpushPreset page

XSS

JetBrains TeamCity <2025.07 Weak Hashing of Reset/Verify Tokens
CVE-2025-54535 7.5 - High - July 28, 2025

In JetBrains TeamCity before 2025.07 password reset and email verification tokens were using weak hashing algorithms

Reversible One-Way Hash

TeamCity <=2025.07: Credentials stored in plain text in memory snapshots
CVE-2025-54537 - July 28, 2025

In JetBrains TeamCity before 2025.07 user credentials were stored in plain text in memory snapshots

Cleartext Storage of Sensitive Information

TeamCity before 2025.07: Password Exposure via hg pull command line
CVE-2025-54538 - July 28, 2025

In JetBrains TeamCity before 2025.07 password exposure was possible via command line in the "hg pull" command

Cleartext Storage of Sensitive Information

JetBrains TeamCity DOM XSS < 2025.03.3 Performance Monitor
CVE-2025-52875 - June 23, 2025

In JetBrains TeamCity before 2025.03.3 a DOM-based XSS at the Performance Monitor page was possible

XSS

Reflected XSS in JetBrains TeamCity <2025.03.3 favoriteIcon
CVE-2025-52876 - June 23, 2025

In JetBrains TeamCity before 2025.03.3 reflected XSS on the favoriteIcon page was possible

XSS

TeamCity diskUsageBuildsStats XSS Before 2025.03.3
CVE-2025-52877 - June 23, 2025

In JetBrains TeamCity before 2025.03.3 reflected XSS on diskUsageBuildsStats page was possible

XSS

JetBrains TeamCity usernames exposed before 2025.03.3
CVE-2025-52878 - June 23, 2025

In JetBrains TeamCity before 2025.03.3 usernames were exposed to the users without proper permissions

AuthZ

JetBrains TeamCity <2025.03.3: Reflected XSS via NPM Reg
CVE-2025-52879 - June 23, 2025

In JetBrains TeamCity before 2025.03.3 reflected XSS in the NPM Registry integration was possible

XSS

TeamCity <=2025.03.2 Stored XSS via GitHub Checks Webhook
CVE-2025-47851 5.4 - Medium - May 20, 2025

In JetBrains TeamCity before 2025.03.2 stored XSS via GitHub Checks Webhook was possible

XSS

TeamCity <= 2025.03.2 Stored XSS via YouTrack integration
CVE-2025-47852 5.4 - Medium - May 20, 2025

In JetBrains TeamCity before 2025.03.2 stored XSS via YouTrack integration was possible

XSS

TeamCity < 2025.03.2 XSS via Jira Integration
CVE-2025-47853 5.4 - Medium - May 20, 2025

In JetBrains TeamCity before 2025.03.2 stored XSS via Jira integration was possible

XSS

TeamCity <2025.03.2 VCS Root Edit Open Redirect
CVE-2025-47854 6.1 - Medium - May 20, 2025

In JetBrains TeamCity before 2025.03.2 open redirect was possible on editing VCS Root page

Open Redirect

JetBrains TeamCity XSS on Data Directory Tab (pre-2025.03.1)
CVE-2025-46618 6.1 - Medium - April 25, 2025

In JetBrains TeamCity before 2025.03.1 stored XSS was possible on Data Directory tab

XSS

TeamCity <2025.03.1 Path Validation via loggingPreset | CVE-2025-46433
CVE-2025-46433 9.8 - Critical - April 25, 2025

In JetBrains TeamCity before 2025.03.1 improper path validation in loggingPreset parameter was possible

Directory traversal

JetBrains TeamCity <2025.03.1: Base64 Credentials Exposed in Logs
CVE-2025-46432 6.5 - Medium - April 25, 2025

In JetBrains TeamCity before 2025.03.1 base64-encoded credentials could be exposed in build logs

Insertion of Sensitive Information into Log File

TeamCity XSS on Cloud Profiles page before 2025.03
CVE-2025-31140 6.1 - Medium - March 27, 2025

In JetBrains TeamCity before 2025.03 stored XSS was possible on Cloud Profiles page

XSS

TeamCity < 2025.03 credential leakage via Cloud Profiles Exception
CVE-2025-31141 7.5 - High - March 27, 2025

In JetBrains TeamCity before 2025.03 exception could lead to credential leakage on Cloud Profiles page

Generation of Error Message Containing Sensitive Information

Base64 Password Exposure via Build Log in JetBrains TeamCity <2025.03
CVE-2025-31139 6.5 - Medium - March 27, 2025

In JetBrains TeamCity before 2025.03 base64 encoded password could be exposed in build log

Insertion of Sensitive Information into Log File

JetBrains TeamCity DOM-based XSS on Code Inspection Report tab <2024.12.2
CVE-2025-26493 6.1 - Medium - February 11, 2025

In JetBrains TeamCity before 2024.12.2 several DOM-based XSS were possible on the Code Inspection Report tab

XSS

TeamCity <v2024.12.2 Improper Kubernetes Con Settings Expose Resources
CVE-2025-26492 9.1 - Critical - February 11, 2025

In JetBrains TeamCity before 2024.12.2 improper Kubernetes connection settings could expose sensitive resources

Insufficiently Protected Credentials

JetBrains TeamCity <=2024.12.1 Reflected XSS on Vault Connection
CVE-2025-24459 6.1 - Medium - January 21, 2025

In JetBrains TeamCity before 2024.12.1 reflected XSS was possible on the Vault Connection page

XSS

JetBrains TeamCity < 2024.12.1 Improper Access: View Project Names in Agent Pool
CVE-2025-24460 4.3 - Medium - January 21, 2025

In JetBrains TeamCity before 2024.12.1 improper access control allowed to see Projects names in the agent pool

AuthZ

TeamCity <2024.12.1 Decrypts Connection Secrets via Test Conn
CVE-2025-24461 6.5 - Medium - January 21, 2025

In JetBrains TeamCity before 2024.12.1 decryption of connection secrets without proper permissions was possible via Test Connection endpoint

AuthZ

JetBrains TeamCity XMLParser XXE Vulnerability
CVE-2024-56356 7.1 - High - December 20, 2024

In JetBrains TeamCity before 2024.12 insecure XMLParser configuration could lead to potential XXE attack

XXE

JetBrains TeamCity RemoteBuildLogController XSS Vulnerability
CVE-2024-56355 5.4 - Medium - December 20, 2024

In JetBrains TeamCity before 2024.12 missing Content-Type header in RemoteBuildLogController response could lead to XSS

XSS

JetBrains TeamCity Password Field Access Vulnerability
CVE-2024-56354 4.9 - Medium - December 20, 2024

In JetBrains TeamCity before 2024.12 password field value were accessible to users with view settings permission

Insufficiently Protected Credentials

JetBrains TeamCity Backup File Exposure Vulnerability
CVE-2024-56353 6.5 - Medium - December 20, 2024

In JetBrains TeamCity before 2024.12 backup file exposed user credentials and session cookies

Improper Removal of Sensitive Information Before Storage or Transfer

JetBrains TeamCity Stored XSS Vulnerability in Agent Details Page
CVE-2024-56352 5.4 - Medium - December 20, 2024

In JetBrains TeamCity before 2024.12 stored XSS was possible via image name on the agent details page

XSS

JetBrains TeamCity Access Token Revocation Failure
CVE-2024-56351 8.8 - High - December 20, 2024

In JetBrains TeamCity before 2024.12 access tokens were not revoked after removing user roles

Insufficient Session Expiration

JetBrains TeamCity Unauthorized Project Viewing Vulnerability
CVE-2024-56350 4.3 - Medium - December 20, 2024

In JetBrains TeamCity before 2024.12 build credentials allowed unauthorized viewing of projects

AuthZ

JetBrains TeamCity Improper Access Control Vulnerability in Build Logs
CVE-2024-56349 5.3 - Medium - December 20, 2024

In JetBrains TeamCity before 2024.12 improper access control allowed unauthorized users to modify build logs

AuthZ

JetBrains TeamCity Improper Access Control Vulnerability in Agent Details
CVE-2024-56348 4.3 - Medium - December 20, 2024

In JetBrains TeamCity before 2024.12 improper access control allowed viewing details of unauthorized agents

AuthZ

TeamCity <=2024.07.2 Path Traversal -> Arbitrary File Write
CVE-2024-47949 7.5 - High - October 08, 2024

In JetBrains TeamCity before 2024.07.3 path traversal allowed backup file write to arbitrary location

Directory traversal

TeamCity < 2024.07.3 Password Exposure via Sonar Runner REST API
CVE-2024-47161 6.5 - Medium - October 08, 2024

In JetBrains TeamCity before 2024.07.3 password could be exposed via Sonar runner REST API

Insufficiently Protected Credentials

JetBrains TeamCity < 2024.07.3 Path Traversal via Server Backups
CVE-2024-47948 7.5 - High - October 08, 2024

In JetBrains TeamCity before 2024.07.3 path traversal leading to information disclosure was possible via server backups

Directory traversal

TeamCity XSS via Global Settings before 2024.07.3
CVE-2024-47951 5.4 - Medium - October 08, 2024

In JetBrains TeamCity before 2024.07.3 stored XSS was possible via server global settings

XSS

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for JetBrains Teamcity or by JetBrains? Click the Watch button to subscribe.

JetBrains
Vendor

JetBrains Teamcity
Product

subscribe