CVE-2026-28194 – JetBrains TeamCity Open Redirect Vulnerability in React Project Creation Flow

Vulnerability

Patched

A open redirect vulnerability has been identified in JetBrains TeamCity versions prior to 2025.11.3. This vulnerability occurs during the React project creation process, allowing for unauthorized redirection to external sites.

Impact

Exploitation of this vulnerability could lead to open redirect, potentially allowing for phishing attacks or other malicious activities by redirecting users to harmful sites.

Remediation

Users can update to JetBrains TeamCity version 2025.11.3 or later to address this vulnerability.

Added: Feb 25, 2026, 4:59 PM

Updated: Feb 25, 2026, 4:59 PM

Affected Products

JetBrains TeamCity

Moderate fix1 remedy

cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*

Moderate fix1 remedy

< 2025.11.3

JetBrains YouTrack

Moderate fix1 remedy

cpe:2.3:a:jetbrains:youtrack:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

< 2025.3.121962

JetBrains Hub

Moderate fix1 remedy

cpe:2.3:a:jetbrains:hub:*:*:*:*:*:*:*

Moderate fix1 remedy

< 2025.3.119807

JetBrains PyCharm

Moderate fix1 remedy

cpe:2.3:a:jetbrains:pycharm:*:*:*:*:*:*:*

Moderate fix1 remedy

< 2025.3.2

JetBrains dotTrace

Moderate fix1 remedy

cpe:2.3:a:jetbrains:dottrace:*:*:*:*:*:*:*

Moderate fix1 remedy

< 2025.2.5

JetBrains ReSharper

Moderate fix1 remedy

cpe:2.3:a:jetbrains:resharper:*:*:*:*:*:*:*

Moderate fix1 remedy

< 2025.2.5

JetBrains Rider

Moderate fix1 remedy

cpe:2.3:a:jetbrains:rider:*:*:*:*:*:*:*

Moderate fix1 remedy

< 2025.2.5

JetBrains IntelliJ IDEA

Moderate fix1 remedy

cpe:2.3:a:jetbrains:intellij_idea:*:*:*:*:*:*:*

Moderate fix1 remedy

< 2025.3

JetBrains Toolbox App

Moderate fix1 remedy

cpe:2.3:a:jetbrains:toolbox:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

< 2.6

JetBrains RubyMine

Moderate fix1 remedy

cpe:2.3:a:jetbrains:rubymine:*:*:*:*:*:*:*

Moderate fix1 remedy

< 2025.1

JetBrains Ktor

Moderate fix1 remedy

cpe:2.3:a:jetbrains:ktor:*:*:*:*:*:*:*

Moderate fix1 remedy

< 3.1.1

JetBrains Space

Moderate fix1 remedy

cpe:2.3:a:jetbrains:space:*:*:*:*:*:*:*

Moderate fix1 remedy

< 2025.3

JetBrains UpSource

Moderate fix1 remedy

cpe:2.3:a:jetbrains:upsource:*:*:*:*:*:*:*

Moderate fix1 remedy

< 2025.1.1883

CVSS Scores

volerion

5.1

CVSS 4.0

5.1

Medium

volerion

4.7

CVSS 3.1

4.7

Medium

nvd@nist.gov

6.1

CVSS 3.1

6.1

Medium

Vendor

4.3

CVSS 3.1

4.3

Medium

Click a row to open the calculator.

References

https://www.jetbrains.com/privacy-security/issues-fixed/

AdvisoryBundleVendor

Showing 1-1 of 1 references

JetBrains TeamCity Open Redirect Vulnerability in React Project Creation Flow

Vulnerability

Impact

Remediation

Affected Products

JetBrains TeamCity

JetBrains YouTrack

JetBrains Hub

JetBrains PyCharm

JetBrains dotTrace

JetBrains ReSharper

JetBrains Rider

JetBrains IntelliJ IDEA

JetBrains Toolbox App

JetBrains RubyMine

JetBrains Ktor

JetBrains Space

JetBrains UpSource

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating