jenkins

1,798 tracked vulnerabilities.

CVE-2026-57307 MEDIUM
Jenkins Zowe zDevOps Plugin - Missing Authorization
Jun 24, 2026
CVSS 4.2
EPSS 0.00
CVE-2026-57306 MEDIUM
Jenkins Zowe zDevOps Plugin - Cross-Site Request Forgery (CSRF)
Jun 24, 2026
CVSS 4.2
EPSS 0.00
CVE-2026-57305 MEDIUM
Jenkins Assembla Plugin < 1.4 - Cross-Site Request Forgery (CSRF)
Jun 24, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-57304 MEDIUM
Jenkins Assembla Plugin < 1.4 - Missing Authorization
Jun 24, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-57303 HIGH
Jenkins Assembla Plugin < 1.4 - Server-Side Request Forgery (SSRF)
Jun 24, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-57302 MEDIUM
Jenkins FitNesse Plugin - Plaintext Storage of a Password
Jun 24, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-57301 HIGH
Jenkins Owasp Zap Plugin < 1.0.7 - Externally Controlled Reference to a Resource in Another Sphere
Jun 24, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-57300 MEDIUM
Jenkins Mcp Server Plugin - Missing Authorization
Jun 24, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-57299 MEDIUM
Jenkins Contrast Continuous Application Security Plugin < 3.11 - Unauthenticated Metadata Enumeration
Jun 24, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-57297 MEDIUM
Jenkins Contrast Plugin < 3.11 SSRF via Missing Permission Check
Jun 24, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-57295 MEDIUM
Jenkins EC2 Fleet Plugin - Cross-Site Request Forgery (CSRF)
Jun 24, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-57294 MEDIUM
Jenkins EC2 Fleet Plugin - Missing Authorization
Jun 24, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-57290 MEDIUM
Jenkins Priority Sorter Plugin < 936.v2c01c6b_84449 - Cross-Site Request Forgery (CSRF)
Jun 24, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-57289 MEDIUM
Jenkins Bitbucket Push And Pull Request Plugin < 3.3.8 - Improper Certificate Validation
Jun 24, 2026
CVSS 4.8
EPSS 0.00
CVE-2026-57288 LOW
Jenkins Active Directory Plugin < 2.41.1 - Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')
Jun 24, 2026
CVSS 3.7
EPSS 0.00
CVE-2026-57287 MEDIUM
Jenkins Job Configuration History Plugin - Cleartext Storage of Sensitive Information
Jun 24, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-57286 MEDIUM
Jenkins Git Parameter Plugin < 462.vdcf3df2ed2ca_ - Missing Authorization
Jun 24, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-57285 MEDIUM
Jenkins GitHub Branch Source Plugin - Missing Authorization
Jun 24, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-57284 MEDIUM
Jenkins Pipeline: Groovy Plugin < 4331.v9d06ed4658ff - Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
Jun 24, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-57283 MEDIUM
Jenkins Pipeline: Groovy Plugin < 4331.v9d06ed4658ff - Cross-Site Request Forgery (CSRF)
Jun 24, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-57282 MEDIUM
Jenkins Git Client Plugin < 6.6.0 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Jun 24, 2026
CVSS 5.0
EPSS 0.00
CVE-2026-57281 HIGH
Jenkins Script Security Plugin < 1402.v94c9ce464861 - Protection Mechanism Failure
Jun 24, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-57280 HIGH
Jenkins Script Security Plugin < 1402.v94c9ce464861 - Protection Mechanism Failure
Jun 24, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-53442 MEDIUM
Jenkins - Missing Encryption of Sensitive Data
Jun 10, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-53441 MEDIUM
Jenkins - XSS
Jun 10, 2026
CVSS 5.4
EPSS 0.00