Exposure of Private Personal Information to an Unauthorized Actor vulnerability in RTI Connext Professional (Core Libraries) allows Sniffing Network Traffic.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.2.0 before 7.3.1.

In JetBrains IntelliJ IDEA before 2025.3 missing confirmation allowed opening of untrusted remote projects over SSH

In JetBrains TeamCity before 2025.11.1 reflected XSS was possible on the storage settings page

In JetBrains TeamCity before 2025.11.1 excessive privileges were possible due to storing GitHub personal access token instead of an installation token

In JetBrains TeamCity before 2025.11 a DOM-based XSS was possible on the OAuth connections tab

In JetBrains TeamCity before 2025.11 reflected XSS was possible on VCS Root setup

In JetBrains TeamCity before 2025.11 port enumeration was possible via the Perforce connection test

In JetBrains TeamCity before 2025.11 stored XSS was possible on agentpushInstall page

In JetBrains TeamCity before 2025.11 maven embedder allowed loading extensions via project configuration

In limited scenarios, sensitive data might be written to the log file if an admin uses Microsoft Teams Admin Center (TAC) to make device configuration changes. The affected log file is visible only to users with admin credentials. This is limited to Microsoft TAC and does not affect configuration c…