JetBrains IntelliJ IDEA Copyright Plugin Template Injection Vulnerability Allowing Code Execution

Vulnerability

A vulnerability exists in JetBrains IntelliJ IDEA versions prior to 2026.1, allowing code execution through template injection in the Copyright plugin. This issue arises from improper handling of template data, which could be exploited to execute arbitrary code under certain conditions.

Impact

Exploitation of this vulnerability could lead to unauthorized code execution on the user's machine.

Reproduction

To reproduce this vulnerability, open a project in a version of IntelliJ IDEA prior to 2026.1. Create or edit a file that uses a template supporting injection, such as a copyright file. Introduce a payload that exploits the template engine's capabilities to execute code, such as a script or command that the engine would process as executable rather than as plain text. Save the file and trigger the template processing, which would execute the injected code.

Remediation

Users can upgrade to IntelliJ IDEA version 2026.1 or later to address this vulnerability.
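
One way to verify the remediation across a set of machines, as an added example that is not part of the original advisory or any JetBrains code: it classifies an installation from the product-info.json file found in the IDE installation directory. The product codes IU and IC for IntelliJ IDEA, the status names, and the sample JSON strings are assumptions made for this example.

```python
import json
import re

FIXED = (2026, 1)           # first fixed release according to the advisory
IDEA_CODES = {"IU", "IC"}   # assumed product codes: IDEA Ultimate / Community


def parse_version(text):
    """Turn '2025.3.2' into (2025, 3, 2); return None for non-numeric input."""
    if not isinstance(text, str):
        return None
    text = text.strip()
    if not re.fullmatch(r"\d+(\.\d+)*", text):
        return None
    return tuple(int(part) for part in text.split("."))


def classify(product_info_json):
    """Return 'vulnerable', 'fixed', 'not-idea' or 'unknown' for one install."""
    try:
        info = json.loads(product_info_json)
    except (json.JSONDecodeError, TypeError):
        return "unknown"
    if not isinstance(info, dict) or "productCode" not in info:
        return "unknown"
    if info["productCode"] not in IDEA_CODES:
        return "not-idea"   # the advisory only names IntelliJ IDEA
    version = parse_version(info.get("version"))
    if version is None:
        return "unknown"    # e.g. a build with a non-numeric version string
    # Compare on (year, release) only, so 2026.1 and 2026.1.2 both count as fixed.
    return "fixed" if (version + (0,))[:2] >= FIXED else "vulnerable"


# Constructed sample inputs, shaped like product-info.json contents.
SAMPLES = {
    "dev-laptop-01": '{"name": "IntelliJ IDEA", "version": "2025.3.2", "productCode": "IU"}',
    "dev-laptop-02": '{"name": "IntelliJ IDEA", "version": "2026.1", "productCode": "IU"}',
    "build-agent-7": '{"name": "PyCharm", "version": "2025.2", "productCode": "PY"}',
    "dev-laptop-03": '{"name": "IntelliJ IDEA", "version": "EAP", "productCode": "IC"}',
}

if __name__ == "__main__":
    for host, raw in SAMPLES.items():
        print(f"{host}: {classify(raw)}")
```

Installations reported as unknown need a manual check rather than being treated as fixed.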

Added: May 29, 2026, 7:22 PM
Updated: May 29, 2026, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread: 7.8
impact: 7.5
exploitability: 3.0
remediation: 7.7
relevance: 9.6
threat: 1.6
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.