CVE-2026-25847

CVSS v3.1

8.2

High

Vector

AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:L

Name of the Vulnerable Software and Affected Versions JetBrains PyCharm versions prior to 2025.3.2

Description A DOM-based Cross-Site Scripting (XSS) issue exists on the Jupyter viewer page. This allows for potential malicious code execution within the browser context of a user viewing Jupyter notebooks.

Recommendations Update JetBrains PyCharm to version 2025.3.2 or later.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

BDU:2026-02446

CVE-2026-25847

Affected Products

Pycharm

CVE-2026-25847

Weakness Enumeration

Related Identifiers

Affected Products

References · 9