CVE-2026-49383

Same vendor

• CVE-2026-49386 — In JetBrains YouTrack before 2026.1.13570 improper access control allowed enumeration of restricted issues and articles on Planning Canvas (6.5 MEDIUM)
• CVE-2026-49385 — In JetBrains YouTrack before 2026.1.13570 improper access control allowed low-privileged users to modify service accounts (6.5 MEDIUM)
• CVE-2026-49384 — In JetBrains PyCharm before 2025.3.4 stored XSS in Jupyter notebook Markdown cells was possible (6.1 MEDIUM)
• CVE-2026-49382 — In JetBrains IntelliJ IDEA before 2026.1 code execution was possible via template injection in the Copyright plugin (4.5 MEDIUM)
• CVE-2026-49381 — In JetBrains TeamCity before 2026.1 stored XSS on the SAML login page was possible (3.4 LOW)

Same CWE

• CVE-2026-40991 — When using spring-restdocs-webtestclient or spring-restdocs-restassured to document a remote API accessed over HTTP, an attacker who comp... (5.9 MEDIUM)
• CVE-2026-47960 — ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerab... (7.4 HIGH)
• CVE-2026-8045 — CWE-611 Improper Restriction of XML External Entity Reference vulnerability exists that could cause information disclosure of server-side...
• CVE-2026-2253 — Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.7 and 11.0.0.0, including 9.3.x and 8.3.x, does not prevent c... (7.7 HIGH)
• CVE-2026-3603 — IBM Engineering Lifecycle Management 7.0.3 Interim Fix 001 through  Interim Fix 021, 7.1.0  Interim Fix 001 through  Interim Fix 009, and... (7.1 HIGH)