Source Code at Risk: Critical Code Vulnerability in CI/CD Platform TeamCity

2023-09-26 SonarSource

https://www.sonarsource.com/blog/teamcity-vulnerability/

SonarSource disclosed CVE-2023-42793, an unauthenticated remote code execution vulnerability in JetBrains TeamCity 2023.05.3 and earlier. Exposed on-premises CI/CD servers could let attackers steal source code, service secrets, and private keys, take over build agents, or tamper with software release artifacts. The report identifies the RPC2 authentication-bypass condition and notes that JetBrains fixed the issue in TeamCity 2023.05.4, with suspicious authentication tokens named RPC2 serving as a potential compromise indicator.
