PatchSiren cyber security CVE debrief
CVE-2024-27199 JetBrains CVE debrief
CVE-2024-27199 is a JetBrains TeamCity relative path traversal vulnerability that CISA has added to the Known Exploited Vulnerabilities catalog. Because CISA also records known ransomware campaign use, organizations running TeamCity should treat remediation as urgent and follow vendor and CISA guidance without delay.
- Vendor
- JetBrains
- Product
- TeamCity
- CVSS
- Unknown
- CISA KEV
- Listed
- Original CVE published
- 2026-04-20
- Original CVE updated
- 2026-04-20
- Advisory published
- 2026-04-20
- Advisory updated
- 2026-04-20
Who should care
Organizations running JetBrains TeamCity, especially security, DevOps, and IT teams responsible for patching, hardening, and monitoring CI/CD infrastructure.
Technical summary
The supplied source data identifies CVE-2024-27199 as a relative path traversal issue in JetBrains TeamCity. CISA’s KEV listing indicates known exploitation, and the record also marks known ransomware campaign use, so defenders should prioritize mitigation and removal of exposure over routine patch scheduling.
Defensive priority
Immediate
Recommended defensive actions
- Review JetBrains TeamCity vendor guidance and apply the recommended mitigations or fixes as soon as possible.
- Follow CISA BOD 22-01 guidance where applicable, especially for cloud services.
- If mitigations are unavailable, discontinue use of the affected product or isolate the deployment until it is remediated.
- Confirm exposure and remediation status across all TeamCity instances before the CISA due date.
Evidence notes
This debrief is limited to the supplied CISA KEV metadata and the official reference URLs listed in that record (JetBrains issues-fixed page, JetBrains blog update, NVD, and CVE.org). The corpus provided here does not include the full advisory text, so version-specific details are intentionally omitted.
Official resources
-
CVE-2024-27199 CVE record
CVE.org
-
CVE-2024-27199 NVD detail
NVD
-
CISA Known Exploited Vulnerabilities catalog
CISA - Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
-
Source item URL
cisa_kev
CISA added CVE-2024-27199 to the Known Exploited Vulnerabilities catalog on 2026-04-20, with a remediation due date of 2026-05-04 and known ransomware campaign use marked as Known.