CVE-2026-49377
MEDIUMDescription
In JetBrains TeamCity before 2025.11.2 exposure of sensitive data via default agent parameters
Is your site exposed to CVE-2026-49377?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
EPSS — Exploit Prediction
EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| jetbrains | teamcity |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2026-49377? +
How severe is CVE-2026-49377? +
What products are affected by CVE-2026-49377? +
How do I check if I'm vulnerable to CVE-2026-49377? +
Related Vulnerabilities
python-utcp is the python implementation of UTCP. Prior to 1.1.3, _prepare_environment() in cli_communication_protocol.py passes a full copy of os.environ to …
A credential leak in OpenC3 COSMOS before v6.0.2 allows attackers to access service credentials as environment variables stored in all …
A vulnerability was found in the quarkus-core component. Quarkus captures local environment variables from the Quarkus namespace during the application's …
IBM Storage Virtualize vSphere Remote Plug-in 1.0 and 1.1 could allow a remote user to obtain sensitive credential information after …
An information disclosure flaw was found in OpenShift's internal image registry operator. The AZURE_CLIENT_SECRET can be exposed through an environment …
Cleartext Storage of Sensitive Information in an Environment Variable, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Tapandsign Technologies …