Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / jenkins

jenkins

1,755 tracked vulnerabilities.

CVE-2026-42525 MEDIUM

Jenkins Microsoft Entra ID Plugin <=666.v6060de32f87d - Open Redirect

CVE-2026-42524 HIGH

Jenkins HTML Publisher Plugin < 427 - Stored Cross-Site Scripting in Legacy Wrapper File

CVE-2026-42523 CRITICAL

Jenkins GitHub Plugin < 1.46.0 - Stored Cross-Site Scripting via GitHub Hook Trigger Validation

CVE-2026-42522 MEDIUM

Jenkins GitHub Branch Source Plugin <=1967.vdea_d580c1a_b_a_ - Auth Bypass

CVE-2026-42521 MEDIUM

Jenkins Project Jenkins Matrix Authorization Strategy Plugin < 3.2.9 - Information Disclosure

CVE-2026-42520 HIGH

Jenkins Project Jenkins Credentials Binding Plugin < 719.v80e905ef14eb_ - Remote Code Execution

CVE-2026-42519 MEDIUM

Jenkins Script Security Plugin <=1399.ve6a_66547f6e1 - Info Disclosure

CVE-2026-33004 MEDIUM

Jenkins LoadNinja Plugin <=2.1 - Info Disclosure

CVE-2026-33003 MEDIUM

Jenkins LoadNinja Plugin <=2.1 - Info Disclosure

CVE-2026-33002 HIGH

Jenkins 2.426.3-2.554 - DNS Rebinding

CVE-2026-33001 HIGH

Jenkins < 2.555 and LTS < 2.541.3 - Arbitrary File Write via Symbolic Link Handling in Archive Extraction

CVE-2026-27100 MEDIUM

Jenkins < 2.551 and LTS < 2.541.2 - Exposure of Sensitive Build Information via Run Parameter

CVE-2026-27099 HIGH

Jenkins 2.483-2.550 and LTS 2.492.1-2.541.1 - Stored Cross-Site Scripting in Offline Cause Description

CVE-2025-67643 MEDIUM

Jenkins Redpen - Pipeline Reporter for Jira Plugin < 1.054.v7b_9517b_6b_202 Path Traversal

CVE-2025-67642 MEDIUM

Jenkins HashiCorp Vault Plugin <371.v884a_4dd60fb_6 - Privilege Esc...

CVE-2025-67641 MEDIUM

Jenkins Coverage Plugin < 2.3054.ve1ff7b_a_a_123b - Stored Cross-Site Scripting via REST API Configuration

CVE-2025-67640 MEDIUM

Jenkins Git client Plugin < 6.4.1 - OS Command Injection via Workspace Directory Name

CVE-2025-67639 LOW

Jenkins < 2.528.3, 2.529-2.540 - Cross-Site Request Forgery

CVE-2025-67638 MEDIUM

Jenkins < 2.528.3 and 2.529-2.540 - Cleartext Storage of Sensitive Information in Job Configuration Form

CVE-2025-67637 MEDIUM

Jenkins < 2.528.3, 2.529-2.540 - Cleartext Storage of Build Authorization Tokens in config.xml

CVE-2025-67636 MEDIUM

Jenkins < 2.528.3, 2.529-2.540 - Missing Authorization for Encrypted Password Viewing

CVE-2025-67635 HIGH

Jenkins < 2.528.3 and 2.529-2.540 - Unauthenticated Denial of Service via HTTP CLI Connection Handling

CVE-2025-64150 MEDIUM

Jenkins Publish to Bitbucket Plugin < 0.4 - Missing Authorization for Credential Capture via URL Connection

CVE-2025-64149 MEDIUM

Jenkins Publish to Bitbucket Plugin < 0.4 - Cross-Site Request Forgery

CVE-2025-64148 MEDIUM

Jenkins Publish to Bitbucket Plugin < 0.4 - Missing Authorization for Credential ID Enumeration

Page 1 of 71 Next

Products

jenkins 259 pipeline\ 37 script_security 33 blue_ocean 11 git 11 email_extension 10 active_directory 9 build_failure_analyzer 9 config_file_provider 9 configuration_as_code 9 ns-nd_integration_performance_publisher 8 credentials_binding 7 github_branch_source 7 html_publisher 7 kubernetes 7 openid_connect_authentication 7 openshift_deployer 7 rundeck 7 subversion 7 amazon_ec2 6 azure_ad 6 azure_vm_agents 6 deployment_dashboard 6 electricflow 6 gerrit_trigger 6 github 6 github_pull_request_builder 6 gitlab 6 google_compute_engine 6 hashicorp_vault 6

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy