High-Severity Security Issue Affecting TeamCity On-Premises (CVE-2026-44413) – Update to 2026.1 Now
JetBrains disclosed a high‑severity post‑authentication vulnerability (CVE‑2026‑44413) affecting all TeamCity On‑Premises installations up to version 2025.11.4. The flaw allows any logged‑in user to expose portions of the server API to unauthenticated parties. JetBrains released a full fix in TeamCity 2026.1 and a back‑port security‑patch plugin for versions 2017.1 and newer. Cloud‑hosted TeamCity instances are not impacted, so only on‑prem customers need to act.
![[Livestream] TeamCity 2026.1: AI, Pipelines, and Enterprise CI/CD Improvements](https://hixhlmpcokxhartfkpyi.supabase.co/storage/v1/object/public/images/thumbnails/89a99207c0687b6bd008380e12ef78b9.webp)
[Livestream] TeamCity 2026.1: AI, Pipelines, and Enterprise CI/CD Improvements
JetBrains announced TeamCity 2026.1, delivering AI‑enhanced CI/CD capabilities and a more flexible pipeline experience. The release adds native support for both Kotlin DSL and YAML pipelines, and introduces a new TeamCity CLI that embeds popular AI coding agents such as...
Centralized Power: How TeamCity’s Architecture Solves Jenkins’ Scaling Problem
Jenkins’ controller‑agent model hits performance limits as organizations add pipelines, agents, and plugins, often forcing multi‑controller deployments that increase operational overhead. The article contrasts this with TeamCity’s server‑agent architecture, where a single server centralizes configuration while agents scale horizontally. TeamCity...
What Are The Security Risks of CI/CD Plugin Architectures?
Plugin‑centric CI/CD platforms such as Jenkins rely on thousands of community‑maintained extensions, exposing pipelines to inconsistent security practices, abandoned code, and broad permission grants. In 2025 Jenkins alone recorded over seventy plugin‑related CVEs, including remote‑code‑execution flaws that lingered on exposed...