jenkins

1,755 tracked vulnerabilities.

CVE-2025-64147 MEDIUM
Jenkins Curseforge Publisher Plugin 1.0 - Sensitive Data Exposure via Unmasked API Keys
Oct 29, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-64146 MEDIUM
Jenkins Curseforge Publisher Plugin 1.0 - Unencrypted API Key Storage in config.xml
Oct 29, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-64145 MEDIUM
Jenkins ByteGuard Build Actions Plugin 1.0 - Sensitive Data Exposure via Unmasked API Tokens
Oct 29, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-64144 MEDIUM
Jenkins ByteGuard Build Actions Plugin 1.0 - Unencrypted API Token Storage in Job Configuration
Oct 29, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-64143 MEDIUM
Jenkins OpenShift Pipeline Plugin <= 1.0.57 - Unencrypted Authorization Token Storage in config.xml
Oct 29, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-64142 MEDIUM
Jenkins Nexus Task Runner Plugin <= 0.9.2 - Missing Authorization for URL Connection
Oct 29, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-64141 MEDIUM
Jenkins Nexus Task Runner Plugin <= 0.9.2 - Cross-Site Request Forgery
Oct 29, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-64140 HIGH
Jenkins Azure CLI Plugin < 0.9 - Authenticated OS Command Injection
Oct 29, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-64139 MEDIUM
Jenkins Start Windocks Containers Plugin < 1.4 - Missing Authorization
Oct 29, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-64138 MEDIUM
Jenkins Start Windocks Containers Plugin < 1.4 - Cross-Site Request Forgery
Oct 29, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-64137 MEDIUM
Jenkins Themis < 1.4.1 - Server-Side Request Forgery via Missing Permission Check
Oct 29, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-64136 MEDIUM
Jenkins Themis Plugin < 1.4.1 - Cross-Site Request Forgery
Oct 29, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-64135 MEDIUM
Jenkins Eggplant Runner Plugin <0.0.1.301.v963cffe8ddb_8 - Info Dis...
Oct 29, 2025
CVSS 5.9
EPSS 0.00
CVE-2025-64134 HIGH
Jenkins JDepend Plugin < 1.3.1 - XML External Entity Injection
Oct 29, 2025
CVSS 7.1
EPSS 0.00
CVE-2025-64133 MEDIUM
Jenkins Extensible Choice Parameter Plugin < 239.v5f5c278708cf - Cross-Site Request Forgery
Oct 29, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-64132 MEDIUM
Jenkins MCP Server Plugin < 0.84.v50ca_24ef83f2 - Missing Authorization in MCP Tools
Oct 29, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-64131 HIGH
Jenkins SAML Plugin <4.583 - Auth Bypass
Oct 29, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-59476 MEDIUM
Jenkins < 2.516.3 and < 2.528 - Log Forgery via Line Break Injection
Sep 17, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-59475 MEDIUM
Jenkins < 2.516.3 and < 2.528 - Missing Authorization in User Profile Dropdown Menu
Sep 17, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-59474 MEDIUM NUCLEI
Jenkins < 2.516.3 and < 2.528 - Missing Authorization for Agent Name Listing via Sidepanel Executors Widget
Sep 17, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-58460 MEDIUM
Jenkins OpenTelemetry Plugin <3.1543.v8446b_92b_cd64 - SSRF
Sep 03, 2025
CVSS 4.2
EPSS 0.00
CVE-2025-58459 MEDIUM
Jenkins global-build-stats Plugin < 322.v22f4db_18e2dd - Improper Access Control in REST API Endpoints
Sep 03, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-58458 MEDIUM
Jenkins Git client Plugin <6.3.2 - Info Disclosure
Sep 03, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-53743 MEDIUM
Jenkins Applitools Eyes Plugin <1.16.5 - Info Disclosure
Jul 09, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-53742 MEDIUM
Jenkins Applitools Eyes Plugin <1.16.5 - Info Disclosure
Jul 09, 2025
CVSS 6.5
EPSS 0.00
Products
jenkins 259 pipeline\ 37 script_security 33 blue_ocean 11 git 11 email_extension 10 active_directory 9 build_failure_analyzer 9 config_file_provider 9 configuration_as_code 9 ns-nd_integration_performance_publisher 8 credentials_binding 7 github_branch_source 7 html_publisher 7 kubernetes 7 openid_connect_authentication 7 openshift_deployer 7 rundeck 7 subversion 7 amazon_ec2 6 azure_ad 6 azure_vm_agents 6 deployment_dashboard 6 electricflow 6 gerrit_trigger 6 github 6 github_pull_request_builder 6 gitlab 6 google_compute_engine 6 hashicorp_vault 6
Quick Filters
Critical CVEs With Exploits In CISA KEV