CVE-2026-41882 HIGH

CVE-2026-41882

Vendor Jetbrains
Product IntelliJ IDEA
Weakness CWE-59
Published April 30, 2026
Last update April 30, 2026

CVSS base score

7.4/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

What the vulnerability does

01Description

In JetBrains IntelliJ IDEA before 2024.3.7.1, 2025.1.7.1, 2025.2.6.2, 2025.3.4.1, 2026.1.1 reading arbitrary local files was possible via built-in web server

Key dates

02Disclosure timeline

April 30, 2026 CVE published
April 30, 2026 Record updated