www.cisa.gov 4/21/2026, 12:59:09 AM · via preferred

CISA Adds Critical JetBrains TeamCity Flaw to KEV Catalogue

CyberSIXT Evidence Panel

Primary Source

nvd.nist.gov

CVE Intel

CVE-2024-27199 - NVD CISA KEV due 2026-05-04 7.3 HIGH

CISA KEV Listed in KEV

Patch Patch Available

ACCORDING to CISA, the Known Exploited Vulnerabilities Catalog lists JetBrains TeamCity Relative Path Traversal Vulnerability (CVE-2024-27199), which could allow limited admin actions. Date Added is 20 April 2026 and Due Date is 4 May 2026. Known To Be Used in Ransomware Campaigns? Unknown. Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

View Primary Source Via www.cisa.gov

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline

#2 Apr 21, 2026, 09:21 AM

securityaffairs.com
CISA adds weaponised PaperCut, TeamCity flaws to KEV catalog
#1 Apr 21, 2026, 12:59 AM Current article

www.cisa.gov
CISA Adds Critical JetBrains TeamCity Flaw to KEV Catalogue