In JetBrains TeamCity before 2026.1 2025.11.5 authenticated users could expose server API to unauthorised access