A high-severity vulnerability in JetBrains TeamCity (CVE-2026-44413, CVSS 8.2) allows for privilege escalation and could expose parts of the server's REST API to unauthorized users, potentially revealing sensitive information. The article urges administrators of on-premises and self-managed deployments to apply the provided security patch or upgrade to the fixed version; however, specific affected and patched version numbers are not detailed in the provided text.
JetBrains has patched a high-severity vulnerability (CVE-2026-44413) in TeamCity, its popular continuous integration and continuous delivery platform, and is urging organizations with on-premises and self-managed deployments to upgrade to the fixed version or implement a security patch. About CVE-2026-44413 CVE-2026-44413 allows for privilege escalation, and may allow attackers to expose some parts of the TeamCity server API to unauthorized users. TeamCity’s REST API is extensive, with many endpoints, some of which may expose sensitive information … More → The post JetBrains TeamCity vulnerability allows privilege escalation, API exposure (CVE-2026-44413) appeared first on Help Net Security .