PT-2026-57183 · Jetbrains · Intellij Idea
Published
2026-07-10
·
Updated
2026-07-10
·
CVE-2026-59792
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
JetBrains IntelliJ IDEA versions prior to 2026.1.4
JetBrains IntelliJ IDEA versions prior to 2026.2
Description
Improper handling of the project workspace ID allows for a relative path traversal, which can be leveraged to achieve remote code execution. This issue follows a malicious-project threat model where a developer opening or working with a project influenced by an attacker can trigger code execution on their local machine. The flaw occurs during the processing of the workspace ID variable.
Recommendations
Update to version 2026.1.4.
Update to version 2026.2.
Fix
Relative Path Traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Intellij Idea