CVE Catalog
CVE-2026-57921
MediumCVSS 4.3Exploitation Probability (EPSS)
Low risk0.18%
7th percentile — higher than 7% of all known CVEs
Summary
In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading users' private data via the comment templates endpoint.
Risk Assessment
The risk involves potential exposure of sensitive user information, such as personal data or internal notes, which could compromise privacy and organizational security.
Recommendation
It is recommended to immediately update JetBrains YouTrack to version 2026.2.16593 or later, which includes a fix for this vulnerability.
Original NVD description (English source)
In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading users' private data via the comment templates endpoint

