ACCORDING to CISA, the Known Exploited Vulnerabilities Catalog lists JetBrains TeamCity Relative Path Traversal Vulnerability (CVE-2024-27199), which could allow limited admin actions. Date Added is 20 April 2026 and Due Date is 4 May 2026. Known To Be Used in Ransomware Campaigns? Unknown. Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
CISA Adds Critical JetBrains TeamCity Flaw to KEV Catalogue
CyberSIXT Evidence Panel
Article by CyberSIXT