📦

hub

Vendor: github

Login to add this product to WatchStack
Actively Exploited 0 CISA KEV List
PoC / Exploits 3 Code Available
Total RCEs 28 Remote Access
Total CVEs 3 Total Indexed
Avg. EPSS 0.43% Exploit Prob.
Latest CVE CVE-2026-32229 Mar 11

Security Vulnerability Index

Page 1 / 1
6.8 CVSS
CVE-2026-32229

In JetBrains Hub before 2026.1 possible on sign-in account mismatch with non-SSO auth and 2FA disabled

EPSS: 0.00%
9.1 CVSS
CVE-2026-25848

In JetBrains Hub before 2025.3.119807 authentication bypass allowing administrative actions was possible

EPSS: 0.01%
6.5 CVSS
CVE-2025-65784

Insecure permissions in Hubert Imoveis e Administracao Ltda Hub v2.0 1.27.3 allows authenticated attackers with low-level privileges to access other users' information via a crafted API request.

EPSS: 0.04%
9.8 CVSS
CVE-2025-65783
RCE

An arbitrary file upload vulnerability in the /utils/uploadFile component of Hubert Imoveis e Administracao Ltda Hub v2.0 1.27.3 allows attackers to execute arbitrary code via uploading a crafted PDF file.

EPSS: 0.12%
5.3 CVSS
CVE-2025-64683

In JetBrains Hub before 2025.3.104432 information disclosure was possible via the Users API

EPSS: 0.00%
2.7 CVSS
CVE-2025-64682

In JetBrains Hub before 2025.3.104432 a race condition allowed bypass of the Agent-user limit

EPSS: 0.00%
2.7 CVSS
CVE-2025-64681

In JetBrains Hub before 2025.3.104992 a race condition allowed bypass of the user limit via invitations

EPSS: 0.00%
6.7 CVSS
CVE-2025-24456

In JetBrains Hub before 2024.3.55417 privilege escalation was possible via LDAP authentication mapping

EPSS: 0.00%
4.3 CVSS
CVE-2024-50573

In JetBrains Hub before 2024.3.47707 improper access control allowed users to generate permanent tokens for unauthorized services

EPSS: 0.01%
3.5 CVSS
CVE-2024-38507

In JetBrains Hub before 2024.2.34646 stored XSS via project description was possible

EPSS: 0.36%