CVE-2026-49366 Overview
CVE-2026-49366 is a command injection vulnerability in JetBrains IntelliJ IDEA versions prior to 2026.1.1. The flaw resides in the filename completion feature, where unsanitized filename input is processed in a manner that allows operating system command execution. The vulnerability is classified under CWE-78, improper neutralization of special elements used in an OS command.
Exploitation requires local access and user interaction, typically triggered when a developer invokes filename completion against attacker-controlled file paths. Successful exploitation yields code execution under the privileges of the IDE user, compromising the confidentiality, integrity, and availability of the developer workstation.
Critical Impact
Attackers can execute arbitrary operating system commands on a developer workstation when IntelliJ IDEA processes a malicious filename through its completion feature.
Affected Products
- JetBrains IntelliJ IDEA versions prior to 2026.1.1
- All editions of IntelliJ IDEA built on the affected platform branch
- Workstations running vulnerable IntelliJ IDEA installations across Windows, macOS, and Linux
Discovery Timeline
- 2026-05-29 - CVE-2026-49366 published to NVD
- 2026-06-01 - Last updated in NVD database
Technical Details for CVE-2026-49366
Vulnerability Analysis
The vulnerability stems from improper neutralization of shell metacharacters in filenames during the IDE's filename completion routine. When IntelliJ IDEA enumerates and presents file path candidates, the data flow eventually reaches an OS-level command construction without adequate sanitization or argument separation. An attacker who controls filenames in a workspace, repository, or shared directory can craft names containing shell metacharacters that the IDE then passes to the underlying operating system.
Because the attack vector is local and requires user interaction, the most realistic exploitation scenario involves a developer opening or browsing a malicious project. Cloning an untrusted Git repository, extracting a malicious archive, or mounting a hostile filesystem all provide attacker-controlled filenames into the IDE's path completion subsystem.
Once executed, injected commands run with the same privileges as the IntelliJ IDEA process. This typically includes access to source code repositories, signed commit credentials, SSH keys, cloud provider tokens cached on disk, and any other secrets accessible to the developer account.
Root Cause
The root cause is a failure to escape or quote shell metacharacters in filenames before they are incorporated into an OS command string. The completion logic treats filenames as trusted strings rather than untrusted input requiring sanitization or safe argument array passing.
Attack Vector
An attacker plants files with names containing shell metacharacters into a directory that a victim later opens in IntelliJ IDEA. When the developer triggers filename completion, the IDE invokes a command that interpolates the malicious filename, causing the injected payload to execute. No network access to the victim is required, but the developer must interact with the malicious project.
No verified proof-of-concept code is publicly available. See the JetBrains Security Issues Fixed advisory for additional technical context.
Detection Methods for CVE-2026-49366
Indicators of Compromise
- Child processes such as cmd.exe, powershell.exe, /bin/sh, or /bin/bash spawned by the IntelliJ IDEA process (idea64.exe, idea, or idea.sh) outside of a user-initiated terminal session.
- Files with unusual shell metacharacters (;, |, `, $(), &&) in their names inside recently cloned or extracted project directories.
- Outbound network connections initiated by shells whose parent process is the IDE.
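The filename indicator above can be checked on disk before a project is opened. The following is an added example, not JetBrains code or part of the original advisory: it walks a directory tree and reports names containing the metacharacter sequences listed above. The function names and the sample tree are constructed for illustration.

```python
import os
import sys
import tempfile

# Metacharacter sequences taken from the indicator list above ("$(" opens "$()").
SHELL_TOKENS = (";", "|", "`", "$(", "&&")


def suspicious_tokens(name):
    """Return the metacharacter sequences present in a single path component."""
    return [tok for tok in SHELL_TOKENS if tok in name]


def scan_tree(root):
    """Return sorted (relative_path, tokens) pairs for flagged file and directory names."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):  # does not follow symlinks
        for name in dirnames + filenames:
            tokens = suspicious_tokens(name)
            if tokens:
                rel = os.path.relpath(os.path.join(dirpath, name), root)
                findings.append((rel, tokens))
    return sorted(findings)


def build_sample_tree(root):
    """Constructed sample project: two ordinary names, two that contain metacharacters."""
    os.makedirs(os.path.join(root, "src"))
    for rel in ("README.md", "src/Main.java", "src/report;v2.txt", "notes $(draft).md"):
        with open(os.path.join(root, rel), "w"):
            pass


if __name__ == "__main__":
    if len(sys.argv) > 1:
        hits = scan_tree(sys.argv[1])
    else:
        with tempfile.TemporaryDirectory() as tmp:
            build_sample_tree(tmp)
            hits = scan_tree(tmp)
    for rel, tokens in hits:
        # repr() keeps control characters in a hostile name from reaching the terminal
        print(f"{rel!r} contains {tokens}")
```

Run it with a path argument against a freshly cloned or extracted directory; a hit is a reason to inspect the project in isolation, not proof of exploitation.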
Detection Strategies
- Monitor process lineage for shells or scripting interpreters spawned by JetBrains IDE binaries on developer endpoints.
- Alert on filesystem events that create files containing shell metacharacters in their names within developer working directories.
- Correlate IDE process activity with unexpected access to credential stores such as ~/.ssh, ~/.aws, or browser cookie databases.
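The process-lineage and credential-store strategies above can be prototyped as a single rule over process-creation telemetry. This is an added example, not taken from the advisory or from any vendor's detection content: the event schema (`parent_image`, `image`, `command_line`), the severity labels, and the sample events are assumptions constructed for illustration.

```python
import re

# Binary names from the indicator list in this advisory.
IDE_IMAGES = {"idea64.exe", "idea", "idea.sh"}
SHELL_IMAGES = {"cmd.exe", "powershell.exe", "sh", "bash"}
# Credential locations named in the detection strategies above.
CREDENTIAL_HINTS = (".ssh", ".aws")


def basename(path):
    """Lower-cased final component of a Windows or POSIX path."""
    return re.split(r"[\\/]", path)[-1].lower()


def triage(event):
    """Return None, 'review' or 'high' for one process-creation event.

    The integrated terminal also spawns shells under the IDE, so 'review'
    means a human has to rule that out; 'high' adds a credential-path reference.
    """
    if basename(event["parent_image"]) not in IDE_IMAGES:
        return None
    if basename(event["image"]) not in SHELL_IMAGES:
        return None
    command_line = event.get("command_line", "")
    if any(hint in command_line for hint in CREDENTIAL_HINTS):
        return "high"
    return "review"


def flag_events(events):
    """Return (index, severity) for every event that matches the rule."""
    results = ((i, triage(e)) for i, e in enumerate(events))
    return [(i, sev) for i, sev in results if sev]


# Constructed sample events (hypothetical schema and paths).
SAMPLE_EVENTS = [
    {"parent_image": r"C:\JetBrains\bin\idea64.exe",
     "image": r"C:\Windows\System32\cmd.exe", "command_line": "cmd.exe /c dir"},
    {"parent_image": "/opt/idea/bin/idea",
     "image": "/usr/bin/git", "command_line": "git status"},
    {"parent_image": "/opt/idea/bin/idea",
     "image": "/bin/sh", "command_line": "sh -c ls /home/dev/.aws"},
    {"parent_image": "/usr/bin/gnome-terminal-server",
     "image": "/bin/bash", "command_line": "bash"},
]

if __name__ == "__main__":
    for index, severity in flag_events(SAMPLE_EVENTS):
        print(index, severity, SAMPLE_EVENTS[index]["command_line"])
```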
Monitoring Recommendations
- Enable command-line argument logging on developer workstations to capture full child process invocations from IDE processes.
- Track installed IntelliJ IDEA versions across the fleet and flag any instance below 2026.1.1.
- Review repository ingestion workflows and developer onboarding for opportunities where untrusted projects reach developer machines.
How to Mitigate CVE-2026-49366
Immediate Actions Required
- Upgrade IntelliJ IDEA to version 2026.1.1 or later on all developer workstations.
- Inventory endpoints running JetBrains IDEs and prioritize patching machines with access to sensitive source code or production credentials.
- Instruct developers to avoid opening untrusted projects, archives, or repositories until patching is complete.
Patch Information
JetBrains addressed the issue in IntelliJ IDEA 2026.1.1. Refer to the JetBrains Security Issues Fixed page for the official remediation notice and the full list of fixed builds.
Workarounds
- Avoid using filename completion in projects whose contents originate from untrusted sources until the patch is applied.
- Open suspicious repositories inside isolated virtual machines or disposable containers rather than on the primary developer workstation.
- Apply least privilege on developer accounts so that exploitation does not yield administrative access to the host or domain.
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.


