Primary

Context

JetBrains YouTrack Race Condition Vulnerability Allowing Helpdesk Agent Limit Bypass

Vulnerability

Patched

A race condition vulnerability has been identified in JetBrains YouTrack, prior to version 2025.3.104432, allowing users to bypass the helpdesk agent limit. This issue arises from improper synchronization, which could be exploited to manipulate the agent-user limit, potentially leading to unauthorized access or actions within the application.

Impact

Exploitation of this vulnerability could lead to unauthorized bypassing of helpdesk agent limits, allowing users to exceed their allocated agent allowances and potentially access additional functionalities or data.

Remediation

Users can update to JetBrains YouTrack version 2025.3.104432 or later to address this vulnerability.

Added: Nov 11, 2025, 4:18 PM

Updated: Nov 11, 2025, 4:18 PM

Vulnerability Rating

Custom Algorithm

spread

5.0

impact

0.6

exploitability

4.4

remediation

7.7

relevance

1.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.0

impact

0.6

exploitability

4.4

remediation

7.7

relevance

1.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

JetBrains YouTrack Race Condition Vulnerability Allowing Helpdesk Agent Limit Bypass

Vulnerability

Impact

Remediation

Affected Products

JetBrains YouTrack

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating