CVE-2021-25758: In JetBrains IntelliJ IDEA before 2020.3, potentially insecure deserialization of the workspace model could lead to loca
highvulnerability
security
Summary
CVE-2021-25758 is a vulnerability in JetBrains IntelliJ IDEA versions before 2020.3 where insecure deserialization (converting data back into executable code without proper validation) of the workspace model could allow an attacker to run code locally on an affected system. The vulnerability has a CVSS 4.0 severity rating (a moderate security threat).
Vulnerability Details
CVSS Score
7.8(high)
EPSS (30-day exploit probability)
EPSS: 0.0%
Classification
Attack SophisticationModerate
Impact (CIA+S)
integrityconfidentiality
Original source: https://nvd.nist.gov/vuln/detail/CVE-2021-25758
First tracked: February 15, 2026 at 08:53 PM
Classified by LLM (prompt v3) · confidence: 95%