Description
In JetBrains TeamCity before 2026.1, 2025.11.5 unauthenticated SSRF via build status was possible
Published: 2026-05-29
Score: 7.5 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is an unauthenticated Server Side Request Forgery that can be triggered via the build status endpoint in JetBrains TeamCity versions prior to 2026.1, including 2025.11.5. Because the endpoint does not require authentication, an attacker can instruct a TeamCity server to send arbitrary HTTP requests to internal or external URLs. The resulting SSRF can expose internal network resources or create a pivot point for further attacks. The weakness corresponds to CWE‑918.

Affected Systems

JetBrains TeamCity installations running any version before 2026.1, notably the 2025.11.5 release, are affected. Users running earlier builds without the 2026.1 update lack protection against the SSRF via the build status endpoint.

Risk and Exploitability

The CVSS score of 7.5 indicates a moderate to high severity vulnerability. No EPSS score is available, and it is not listed in the CISA KEV catalog, suggesting that the exact exploitation frequency is unclear. The SSRF can be leveraged by an attacker who can reach the build status URL, potentially from the public Internet, since no authentication is required. Consequently, the attack vector is remote over the network, and the risk is significant for any publicly exposed TeamCity server. Mitigating this issue requires an application update or network restrictions.

Generated by OpenCVE AI on May 29, 2026 at 19:40 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade JetBrains TeamCity to version 2026.1 or later.
  • If an upgrade cannot be performed immediately, restrict external access to the build status endpoint using firewalls or network segmentation, ensuring only trusted internal networks can reach it.
  • Monitor logs for suspicious requests originating from the build status endpoint and harden related access controls.


Advisories

No advisories yet.

History

Fri, 29 May 2026 20:30:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 29 May 2026 20:00:00 +0000

Type | Values Removed | Values Added
Title | | Unauthenticated SSRF via Build Status in JetBrains TeamCity

Fri, 29 May 2026 19:45:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Jetbrains; Jetbrains teamcity
Vendors & Products | | Jetbrains; Jetbrains teamcity

Fri, 29 May 2026 18:30:00 +0000

Type | Values Removed | Values Added
Description | | In JetBrains TeamCity before 2026.1, 2025.11.5 unauthenticated SSRF via build status was possible
Weaknesses | | CWE-918
References | |
Metrics | | cvssV3_1 {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}


MITRE

Status: PUBLISHED

Assigner: JetBrains

Published:

Updated: 2026-05-29T19:30:12.967Z

Reserved: 2026-05-29T18:07:55.363Z

Link: CVE-2026-49372

Vulnrichment

Updated: 2026-05-29T19:30:08.411Z

NVD

Status: Undergoing Analysis

Published: 2026-05-29T19:16:27.030

Modified: 2026-05-29T20:11:15.977

Link: CVE-2026-49372

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-29T19:45:06Z

Weaknesses