jenkins
1,798 tracked vulnerabilities.
CVE-2026-57307
MEDIUM
Jenkins Zowe zDevOps Plugin - Missing Authorization
Jun 24, 2026
CVSS 4.2
EPSS 0.00
CVE-2026-57306
MEDIUM
Jenkins Zowe zDevOps Plugin - Cross-Site Request Forgery (CSRF)
Jun 24, 2026
CVSS 4.2
EPSS 0.00
CVE-2026-57305
MEDIUM
Jenkins Assembla Plugin < 1.4 - Cross-Site Request Forgery (CSRF)
Jun 24, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-57304
MEDIUM
Jenkins Assembla Plugin < 1.4 - Missing Authorization
Jun 24, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-57303
HIGH
Jenkins Assembla Plugin < 1.4 - Server-Side Request Forgery (SSRF)
Jun 24, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-57302
MEDIUM
Jenkins FitNesse Plugin - Plaintext Storage of a Password
Jun 24, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-57301
HIGH
Jenkins Owasp Zap Plugin < 1.0.7 - Externally Controlled Reference to a Resource in Another Sphere
Jun 24, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-57300
MEDIUM
Jenkins Mcp Server Plugin - Missing Authorization
Jun 24, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-57299
MEDIUM
Jenkins Contrast Continuous Application Security Plugin < 3.11 - Unauthenticated Metadata Enumeration
Jun 24, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-57297
MEDIUM
Jenkins Contrast Plugin < 3.11 SSRF via Missing Permission Check
Jun 24, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-57295
MEDIUM
Jenkins EC2 Fleet Plugin - Cross-Site Request Forgery (CSRF)
Jun 24, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-57294
MEDIUM
Jenkins EC2 Fleet Plugin - Missing Authorization
Jun 24, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-57290
MEDIUM
Jenkins Priority Sorter Plugin < 936.v2c01c6b_84449 - Cross-Site Request Forgery (CSRF)
Jun 24, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-57289
MEDIUM
Jenkins Bitbucket Push And Pull Request Plugin < 3.3.8 - Improper Certificate Validation
Jun 24, 2026
CVSS 4.8
EPSS 0.00
CVE-2026-57288
LOW
Jenkins Active Directory Plugin < 2.41.1 - Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')
Jun 24, 2026
CVSS 3.7
EPSS 0.00
CVE-2026-57287
MEDIUM
Jenkins Job Configuration History Plugin - Cleartext Storage of Sensitive Information
Jun 24, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-57286
MEDIUM
Jenkins Git Parameter Plugin < 462.vdcf3df2ed2ca_ - Missing Authorization
Jun 24, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-57285
MEDIUM
Jenkins GitHub Branch Source Plugin - Missing Authorization
Jun 24, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-57284
MEDIUM
Jenkins Pipeline: Groovy Plugin < 4331.v9d06ed4658ff - Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
Jun 24, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-57283
MEDIUM
Jenkins Pipeline: Groovy Plugin < 4331.v9d06ed4658ff - Cross-Site Request Forgery (CSRF)
Jun 24, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-57282
MEDIUM
Jenkins Git Client Plugin < 6.6.0 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Jun 24, 2026
CVSS 5.0
EPSS 0.00
CVE-2026-57281
HIGH
Jenkins Script Security Plugin < 1402.v94c9ce464861 - Protection Mechanism Failure
Jun 24, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-57280
HIGH
Jenkins Script Security Plugin < 1402.v94c9ce464861 - Protection Mechanism Failure
Jun 24, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-53442
MEDIUM
Jenkins - Missing Encryption of Sensitive Data
Jun 10, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-53441
MEDIUM
Jenkins - XSS
Jun 10, 2026
CVSS 5.4
EPSS 0.00
Products
jenkins 267
pipeline\ 40
script_security 35
active_directory 12
blue_ocean 11
email_extension 11
git 11
build_failure_analyzer 9
config_file_provider 9
configuration_as_code 9
credentials_binding 8
github_branch_source 8
ns-nd_integration_performance_publisher 8
html_publisher 7
job_configuration_history 7
kubernetes 7
openid_connect_authentication 7
openshift_deployer 7
rundeck 7
subversion 7
amazon_ec2 6
azure_ad 6
azure_vm_agents 6
deployment_dashboard 6
electricflow 6
gerrit_trigger 6
git_client 6
git_parameter 6
github 6
github_pull_request_builder 6
Quick Filters