CVE-2026-49384

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions JetBrains PyCharm versions prior to 2025.3.4

Description Stored Cross-Site Scripting (XSS) is possible within Jupyter notebook Markdown cells. Cross-Site Scripting is a type of security flaw where malicious scripts are injected into trusted websites or applications.

Recommendations Update to version 2025.3.4.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2026-49384

Affected Products

Pycharm

CVE-2026-49384

Weakness Enumeration

Related Identifiers

Affected Products

References · 4