CVE-2026-49369

Same vendor

• CVE-2026-49386 — In JetBrains YouTrack before 2026.1.13570 improper access control allowed enumeration of restricted issues and articles on Planning Canvas (6.5 MEDIUM)
• CVE-2026-49385 — In JetBrains YouTrack before 2026.1.13570 improper access control allowed low-privileged users to modify service accounts (6.5 MEDIUM)
• CVE-2026-49384 — In JetBrains PyCharm before 2025.3.4 stored XSS in Jupyter notebook Markdown cells was possible (6.1 MEDIUM)
• CVE-2026-49383 — In JetBrains IntelliJ IDEA before 2026.1 xXE in the UI Designer form parser was possible (3.3 LOW)
• CVE-2026-49382 — In JetBrains IntelliJ IDEA before 2026.1 code execution was possible via template injection in the Copyright plugin (4.5 MEDIUM)

Same CWE

• CVE-2026-47777 — Mastodon is a free, open-source social network server based on ActivityPub (7.5 HIGH)
• CVE-2016-20075 — WordPress Ultimate Product Catalog 3.8.6 contains an arbitrary file upload vulnerability that allows authenticated users with contributor... (8.8 HIGH)
• CVE-2026-34023 — The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains an incorrect authorization vulnerability in the WebSocket...
• CVE-2026-2470 — The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Incorrect Authorization in all versions... (4.3 MEDIUM)
• CVE-2026-54398 — An authorization flaw in MISP’s object add/edit handling allowed an authenticated user with object editing permissions to assign a MISP o...