Impact
JetBrains TeamCity prior to version 2026.1 contains an insufficient username validation flaw in its SAML plugin. The weakness, classified as CWE‑863, means usernames are not properly verified against expected patterns or values, potentially enabling an attacker to authenticate as or impersonate legitimate users by submitting arbitrary or crafted usernames. The vulnerability could be leveraged to gain unauthorized system access, affecting the confidentiality and integrity of TeamCity data depending on the attacker’s credentials. The description gives no further detail, so the scope is assumed to be full compromise if exploitation succeeds; no denial-of-service impact is noted.
Affected Systems
All installations of JetBrains TeamCity released before 2026.1 are impacted. The flaw resides within the SAML authentication plugin, so any instance relying on SAML SSO and not updated to at least version 2026.1 is vulnerable.
Risk and Exploitability
The CVSS score of 6.5 indicates a medium-severity vulnerability. EPSS data is not available, so exploitation probability is not quantified, and the vulnerability is not currently listed in CISA’s KEV catalog. The known attack vector is the SAML authentication flow, which is reachable remotely by any user who can trigger a SAML login, so exploitation is feasible for attackers with network access to the TeamCity service. Given the medium CVSS score and lack of known exploitation, the overall risk is moderate, but the potential for unauthorized access warrants prompt remediation.