JetBrains TeamCity Leaks Credentials to Disk

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

2.3

JetBrains TeamCity Leaks Credentials to Disk

CVE-2026-28196

Summary

A security issue in JetBrains TeamCity versions before 2025.11.3 can expose sensitive credentials to unauthorized access if versioned settings are disabled. To protect your team's data, update to the latest version of TeamCity or ensure versioned settings are enabled. Consider reviewing your configuration to ensure credentials are handled securely.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software

Vendor	Product	Affected versions	Fix available
jetbrains	teamcity	<= 2025.11.3	–

Original title

In JetBrains TeamCity before 2025.11.3 disabling versioned settings left a credentials config on disk

Original description

In JetBrains TeamCity before 2025.11.3 disabling versioned settings left a credentials config on disk

nvd CVSS3.1 2.3

Vulnerability type

CWE-459

https://www.jetbrains.com/privacy-security/issues-fixed/ Vendor Advisory

Published: 25 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026