Main Vulnerability Database Vulnerabilities #VU122468

#VU122468 Missing authentication for critical function in Hub - CVE-2026-25848

Published: February 9, 2026

Vulnerability identifier: #VU122468

Vulnerability risk: High

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2026-25848

CWE-ID: CWE-306

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Hub

Software vendor:
JetBrains s.r.o.

Description

The vulnerability allows a remote attacker to bypass authentication checks.

The vulnerability exists due to an error in the authentication process. A remote non-authenticated attacker can bypass authentication checks and gain unauthorized access to administrative actions.

Successful exploitation of the vulnerability may allow an attacker to compromise the affected system.

Remediation

Install updates from vendor's website.

External links

https://www.jetbrains.com/privacy-security/issues-fixed/#ba7fe4fc4a7e651624a117e8bb8e30fe

#VU122468 Missing authentication for critical function in Hub - CVE-2026-25848

Description

Remediation

External links

Please verify you're human