Cyber Posture

CVE-2026-41153

Severity: Medium
Published: 17 April 2026
Modified: 27 April 2026
KEV Added: none (not listed in the CISA KEV catalog)
CVSS Score: 5.8 (CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L)
EPSS Score: 0.0000 (0.0th percentile)
Risk Priority: 12 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2026-41153 is a medium-severity Command Injection (CWE-77) vulnerability in JetBrains Junie. Its CVSS base score is 5.8 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Malicious File (T1204.002). It is ranked at the 0.0th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-10 (Information Input Validation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Malicious File (T1204.002) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

prevent: Directly mitigates the CVE by requiring timely patching of JetBrains Junie to version 252.549.29 or later, eliminating the command injection vulnerability.

prevent (SI-10, Information Input Validation): Prevents command injection by enforcing rigorous validation of untrusted input taken from project files processed by the application.

detect (RA-5, Vulnerability Monitoring and Scanning): Identifies systems affected by CVE-2026-41153 through vulnerability scanning, enabling targeted remediation of vulnerable JetBrains Junie installations.

MITRE ATT&CK Enterprise Techniques

T1204.002 Malicious File (Execution)
An adversary may rely upon a user opening a malicious file in order to gain execution.

T1059 Command and Scripting Interpreter (Execution)
Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.

Why these techniques?

Command injection triggered by opening a malicious project file maps directly to T1204.002 (Malicious File, under User Execution) for the initial trigger and to T1059 (Command and Scripting Interpreter) for the resulting arbitrary OS command execution.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

In JetBrains Junie before 252.549.29 command execution was possible via malicious project file

Deeper analysis

CVE-2026-41153 is a command injection vulnerability (CWE-77) affecting JetBrains Junie versions prior to 252.549.29. The flaw enables arbitrary command execution when a user opens a malicious project file, as disclosed on April 17, 2026, with a CVSS v3.1 base score of 5.8 (AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L).

Exploitation requires local access to the target system, high attack complexity, and user interaction, such as convincing a user to open a specially crafted project file in the affected JetBrains Junie instance; no privileges are needed. A successful attack can result in high confidentiality impact (e.g., unauthorized access to sensitive data), low integrity impact (limited data modification), and low availability impact (partial denial of service).

JetBrains has addressed the issue in version 252.549.29 and later, with details available on their Security Issues Fixed page at https://www.jetbrains.com/privacy-security/issues-fixed/. Practitioners should ensure affected installations are updated promptly.

Details

CWE(s)

CWE-77 (Command Injection)

Affected Products

jetbrains junie ≤ 252.549.29

CVEs Like This One

CVE-2026-25847 (same vendor: JetBrains)
CVE-2026-0975 (shared CWE-77)
CVE-2025-24458 (same vendor: JetBrains)
CVE-2025-23385 (same vendor: JetBrains)
CVE-2025-26492 (same vendor: JetBrains)
CVE-2025-24456 (same vendor: JetBrains)
CVE-2026-25848 (same vendor: JetBrains)
CVE-2026-28193 (same vendor: JetBrains)
CVE-2025-24459 (same vendor: JetBrains)
CVE-2025-31141 (same vendor: JetBrains)