
JetBrains patched two remote code execution vulnerabilities in IntelliJ IDEA this month — CVE-2026-49382 and CVE-2026-49366 — and the attack vector for both is something every developer does without thinking: opening a Git repository. The safe version is 2026.1.4. If you’re running anything older than 2026.1.1, update before you clone anything else.
CVE-2026-49382: Your Copyright Plugin Is Executing Arbitrary Code
The first flaw lives in IntelliJ IDEA’s Copyright plugin, which processes template files stored in .idea/copyright/ when a project is opened. The plugin evaluates expressions inside those templates without sanitizing them first — classic template injection (CWE-1336).
The attack is almost frictionless. An attacker drops a malicious .idea/copyright/Default.xml into a repository. A developer clones or opens it. IntelliJ processes the copyright profile automatically — no confirmation prompt, no visible indication. Code runs with the developer’s full OS privileges.
Delivery options for an attacker include a public GitHub repository, a pull request that touches copyright configuration, a shared workspace archive sent over Slack, or a project template downloaded from a blog post. The entire attack surface is “any repo that ever changes hands.” That’s not a niche edge case — it’s the core of how developers collaborate.
Copyright profile changes in pull requests deserve the same scrutiny as CI/CD pipeline changes. If you haven’t added .idea/copyright/ to your team’s PR security checklist, now is the moment.
CVE-2026-49366: Filename Completion Injects Shell Commands
The second vulnerability is a command injection flaw in IntelliJ’s filename completion logic (CWE-78). When the IDE resolves filenames for autocompletion, it passes them into an OS command without sanitizing shell metacharacters first.
The setup requires an attacker to plant files with carefully crafted names — containing shell metacharacters — in a directory the developer opens in the IDE. When the developer triggers filename completion, a completely routine action, the injected payload executes.
The result is identical to CVE-49382: arbitrary code running as the developer. SSH keys, cloud provider credentials cached on disk, AI API keys stored in IDE settings, source code, and signed commit credentials are all in scope. CVE-49366 affects versions before 2026.1.1.
Three Hub Vulnerabilities for Self-Hosted Teams
Teams running self-hosted JetBrains Hub or YouTrack have three additional CVEs to address, and one carries a CVSS score of 9.8.
CVE-2026-56141 is the most severe. Hub’s account recovery flow generated restore codes using a weak pseudo-random number generator (CWE-338), making them predictable enough for an unauthenticated attacker to enumerate. The practical result: anyone who can reach your Hub instance can take over any account, including administrator accounts, without knowing a single password.
CVE-2026-50242 allows authentication bypass via direct database access — admin control without valid credentials. CVE-2026-56142 permits unauthorized authentication details to be attached to existing accounts. All three are fixed in Hub 2026.1.13757, with LTS backports covering 2025.3, 2025.2, 2025.1, 2024.3, and 2024.2.
This Is the Year Your IDE Config Became a Target
The CVE-49382 attack pattern is not isolated. In June 2026, the Miasma worm compromised 73 Microsoft GitHub repositories using configuration files that harvested credentials when repos were opened in AI coding tools. The Megalodon campaign infected over 5,500 repositories in May through malicious automated commits targeting cloud credentials and SSH keys. Security researchers found 15 JetBrains IDE plugins exfiltrating AI provider API keys from developer settings.
The common thread: IDE configuration files are processed automatically, often silently, and developers have been trained to trust them. That trust is now being weaponized. “Open a project” has become a meaningful threat vector, and CVE-2026-49382 is the clearest illustration of it in 2026 so far.
What You Need to Do
- Update IntelliJ IDEA to 2026.1.4 (current latest as of July 2026) via the Toolbox App, Help > Check for Updates, or
sudo snap refreshon Ubuntu - The Copyright plugin ships in PyCharm, WebStorm, GoLand, and other IntelliJ-based IDEs — patch all of them, not just IntelliJ
- Audit
.idea/copyright/in repos you’ve cloned from untrusted or community sources in the past few months - For self-hosted Hub or YouTrack: update to Hub 2026.1.13757 immediately — the CVSS 9.8 on CVE-56141 does not get scheduled for next sprint
- Add
.idea/copyright/changes to your team’s PR security review checklist going forward
JetBrains’ full security advisory is on their fixed security issues page. CVE details are on the NVD for CVE-2026-49382 and CVE-2026-49366. The IntelliJ IDEA 2026.1.4 release notes confirm the current safe build.













