5.8
CVE-2025-54535 -
In JetBrains TeamCity before 2025.07 password reset and email verification tokens were using weak hashing algorithms
4.8
CVE-2025-54534 -
In JetBrains TeamCity before 2025.07 reflected XSS was possible on the agentpushPreset page
4.3
CVE-2025-54533 -
In JetBrains TeamCity before 2025.07 improper access control allowed disclosure of build settings via VCS configuration
4.3
CVE-2025-54532 -
In JetBrains TeamCity before 2025.07 improper access control allowed disclosure of build settings via snapshot dependencies
7.7
CVE-2025-54531 -
In JetBrains TeamCity before 2025.07 path traversal was possible via plugin unpacking on Windows
7.5
CVE-2025-54530 -
In JetBrains TeamCity before 2025.07 privilege escalation was possible due to incorrect directory permissions
3.7
CVE-2025-54529 -
In JetBrains TeamCity before 2025.07 a CSRF was possible in external OAuth login integration
5.4
CVE-2025-54528 -
In JetBrains TeamCity before 2025.07 a CSRF was possible in GitHub App connection flow
6.1
CVE-2025-54527 -
In JetBrains YouTrack before 2025.2.86935, 2025.2.87167, 2025.3.87341, 2025.3.87344 improper iframe configuration in widget sandbox allows popups to bypass security restrictions
7.1
CVE-2025-6250 - Privilege Management for Windows - Elevation of Privilege
Prior to 25.4.270.0, when wmic.exe is elevated with a full admin token, the user can stop the Defendpoint service, bypassing anti-tamper protections. Once the service is disabled, the malicious user can add themselves to the Administrators group and run any process with elevated permissions.