Every CVE whose affected-product data names Jetbrains Kotlin, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2020-15824 — CVSS 8.8 (high): In JetBrains Kotlin from 1.4-M1 to 1.4-RC (as Kotlin 1.3.7x is not affected by the issue. Fixed version is 1.4.0) there is a script-cache…
CVE-2019-10102 — CVSS 8.1 (high): JetBrains Ktor framework (created using the Kotlin IDE template) versions before 1.1.0 were resolving artifacts using an http connection…
CVE-2019-10103 — CVSS 8.1 (high): JetBrains IntelliJ IDEA projects created using the Kotlin (JS Client/JVM Server) IDE Template were resolving Gradle artifacts using an http…
CVE-2019-10101 — CVSS 8.1 (high): JetBrains Kotlin versions before 1.3.30 were resolving artifacts using an http connection during the build process, potentially allowing an…
CVE-2026-53914 — CVSS 6.7 (medium): In JetBrains Kotlin before 2.4.20 code execution was possible via unsafe deserialization in the build cache metadata
CVE-2020-29582 — CVSS 5.3 (medium): In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An attacker was able to read data…
CVE-2022-24329 — CVSS 5.3 (medium): In JetBrains Kotlin before 1.6.0, it was not possible to lock dependencies for Multiplatform Gradle Projects.