Breaking: TeamCity 2026.1 Now Available – Security Patch Urged for On-Premises Users
JetBrains has released TeamCity 2026.1, a major update that introduces a command-line interface (CLI), support for Model Context Protocol (MCP) for AI coding agents, and enhanced Pipelines configuration. The release also includes a fix for CVE-2026-44413, a high-severity post-authentication vulnerability affecting all on-premises versions.
“We strongly recommend upgrading to TeamCity 2026.1 or installing the security patch plugin immediately,” said a JetBrains spokesperson. “This flaw could allow authenticated users to expose parts of the server API to unauthorized users.” TeamCity Cloud is not affected.
New CLI and MCP Support Lead the Feature Set
The TeamCity CLI is a free, open-source tool that brings CI/CD control to the terminal and empowers AI agents. With over 60 commands, developers can investigate failed builds, apply fixes, configure pipelines, and retrigger builds without leaving the command line.
“The CLI also includes an agent skill for AI coding agents, enabling them to check build status, analyze failures, and interact with pipelines in real time,” a JetBrains developer explained. “Both you and your AI agent can follow updates via streaming logs and progress indicators.”
Installation commands are provided for macOS, Linux, Windows, and npm. Users authenticate with teamcity auth login --server https://example.com.
Pipelines Enhancements Make Configuration More Powerful
Alongside the CLI, TeamCity 2026.1 delivers Pipelines improvements designed to streamline configuration. The update aims to reduce boilerplate and provide more flexibility for complex builds.
Critical Security Vulnerability: CVE-2026-44413
All on-premises versions of TeamCity are vulnerable to CVE-2026-44413, which allows authenticated users to access restricted API endpoints. JetBrains has released a security patch plugin for versions 2017.1 and later, and the fix is baked into TeamCity 2026.1.
“We have verified that TeamCity Cloud environments were not impacted,” the spokesperson added. “On-premises customers should act promptly.”
AI Assistant and SAML Authentication Now Included
The AI Assistant, previously limited, is now available in Enterprise trial accounts. Additionally, the SAML authentication plugin comes bundled with TeamCity 2026.1, simplifying single sign-on setup.
Background
TeamCity is a continuous integration and delivery server used by thousands of teams. Version 2026.1 follows a series of releases focused on developer experience and security. The vulnerability CVE-2026-44413 was discovered internally and disclosed responsibly.
JetBrains regularly releases patches for on-premises instances; Cloud customers receive updates automatically.
What This Means
For development teams, the CLI and MCP support enable faster troubleshooting and automation. AI agents can now interact with CI/CD pipelines directly, reducing manual intervention. The security fix closes a high-risk vector, making the upgrade essential for organizations running on-premises.
“This release represents a leap forward in how developers and AI tools work together,” noted a JetBrains product manager. “Combined with the security patch, there’s no reason to delay upgrading.”
Livestream and Next Steps
JetBrains will host a livestream on May 12, 2026, to walk through all new features and share development plans for 2026. Registration is open.
For the full list of changes, see the official release notes.
- Upgrade to TeamCity 2026.1 or apply the security patch plugin.
- Explore the new CLI and MCP features.
- Register for the livestream event.