criticalCVE-2026-59792

CVE-2026-59792 JetBrains IntelliJ IDEA vulnerability

In JetBrains IntelliJ IDEA before 2026.1.4, 2026.2 code execution via path traversal in project workspace ID handling was possible

ProductJetBrains IntelliJ IDEA
CVSS9.6
EPSS0.00424
UpdatedJuly 12, 2026

Quick answer

JetBrains IntelliJ IDEA should be reviewed and updated if it matches the affected versions. The recommended fix is to apply the vendor-supported patched version or the mitigation steps below, then retest the public website with Fixnx.

Who is affected

Affected versions

  • IntelliJ IDEA before 2026.1.4
  • IntelliJ IDEA 2026.2 affected channel

Fixed versions

  • 2026.1.4 or later vendor-fixed supported build

How to fix it

CVE-2026-59792 affects JetBrains IntelliJ IDEA where path traversal in project workspace ID handling could lead to code execution. Prioritize deployments or workstations that process untrusted project data, issue content, agents, VCS integrations, or email content depending on the product. Update to 2026.1.4 or the vendor-fixed supported build listed by JetBrains for the affected channel or a later vendor-supported patched build listed by JetBrains. Avoid opening untrusted projects and update affected 2026.1 and 2026.2 installations before use.

  1. Inventory all JetBrains IntelliJ IDEA installations, including production servers, developer workstations, plugins, integrations, and hosted/on-prem environments as applicable.
  2. Identify versions below the JetBrains fixed build for CVE-2026-59792: 2026.1.4 or the vendor-fixed supported build listed by JetBrains for the affected channel.
  3. Upgrade JetBrains IntelliJ IDEA to 2026.1.4 or the vendor-fixed supported build listed by JetBrains for the affected channel or a later vendor-supported patched build through the normal JetBrains update channel.
  4. Avoid opening untrusted projects and update affected 2026.1 and 2026.2 installations before use.
  5. Review product roles, project permissions, agent trust, VCS integrations, uploaded content, and plugin configuration for unnecessary exposure.
  6. Review application, audit, email, agent, VCS, and endpoint logs for suspicious payloads or unexpected file/content access around the affected workflow.
  7. If exploitation is suspected, revoke sessions and tokens, rotate integration credentials, remove malicious content, and preserve evidence before cleanup.

Scan now. Google sign-in is only needed to unlock fix guidance.

Verify the fix

  • Confirm JetBrains IntelliJ IDEA reports 2026.1.4 or the vendor-fixed supported build listed by JetBrains for the affected channel or a later vendor-supported patched build.
  • Confirm project workspace IDs are normalized and traversal payloads cannot write or execute outside the intended workspace.
  • Confirm relevant permissions, integrations, agents, and content-rendering paths are limited to the intended trusted users or systems.
  • Run focused regression tests for the affected workflow and verify malicious payloads render safely or are rejected.
  • Document patched build numbers, integration checks, log review, and any credential rotation or content cleanup.

Related categories

Trusted references

FAQ

What is affected by CVE-2026-59792?

JetBrains IntelliJ IDEA versions listed as affected should be reviewed: IntelliJ IDEA before 2026.1.4, IntelliJ IDEA 2026.2 affected channel.

What should I fix first?

Start with internet-facing sites, admin panels, login flows, plugins, themes, modules, packages, and systems that process user-controlled input or sensitive data.

How do I confirm the fix worked?

Apply the patched version or mitigation, clear caches where relevant, retest the affected workflow, and run a new Fixnx scan to verify public website exposure signals.

How are Fixnx security risk categories chosen?

Fixnx keeps one canonical risk page and assigns only broad, relevant categories such as ecosystem, technology area, or vulnerability class.