CVE-2026-33392 PUBLISHED

Assigner: JetBrains
Reserved: 19.03.2026 Published: 17.04.2026 Updated: 17.04.2026

In JetBrains YouTrack before 2025.3.131383 high privileged user can achieve RCE via sandbox bypass

Metrics

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVSS Score: 7.2

Product Status

Vendor JetBrains
Product YouTrack
Versions Default: unaffected
  • affected from 0 to 2025.3.131383 (excl.)

References

Problem Types

  • CWE-1336