jenkins

1,798 tracked vulnerabilities.

CVE-2026-53440 MEDIUM
Jenkins - URL Redirection to Untrusted Site ('Open Redirect')
Jun 10, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-53439 MEDIUM
Jenkins - Missing Authorization
Jun 10, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-53438 MEDIUM
Jenkins - Missing Authorization
Jun 10, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-53437 MEDIUM
Jenkins - URL Redirection to Untrusted Site ('Open Redirect')
Jun 10, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-53436 MEDIUM
Jenkins - URL Redirection to Untrusted Site ('Open Redirect')
Jun 10, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-53435 HIGH
Jenkins - Deserialization of Untrusted Data
Jun 10, 2026
CVSS 8.8
EPSS 0.15
CVE-2026-9674 MEDIUM
Jenkins Multijob Plugin < 662.vd2e0001f6b_b_d - Cross-Site Request Forgery (CSRF)
May 27, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-48927 MEDIUM
Jenkins Buildgraph-view Plugin < 1.8 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
May 27, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-48926 MEDIUM
Jenkins Job Import Plugin < 143.v044a_2e819b_27 - Improper Privilege Management
May 27, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-48924 MEDIUM
Jenkins Bitbucket OAuth Plugin < 0.17 - URL Redirection to Untrusted Site ('Open Redirect')
May 27, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-48923 MEDIUM
Jenkins AppSpider Plugin < 1.0.17 - Improper Privilege Management
May 27, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-48922 HIGH
Jenkins Credentials Binding Plugin < 720.v3f6decef43ea_ - Remote Code Execution
May 27, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-48921 HIGH
Jenkins Pipeline: Groovy Libraries Plugin < 797.v90ea_a_9b_e45a_0 - Arbitrary File Read
May 27, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-48920 HIGH
Jenkins Email Extension Plugin < 1933.v45cec755423f - External Control of File Name or Path
May 27, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-48919 MEDIUM
Jenkins Active Directory Plugin < 2.41 - Deserialization of Untrusted Data
May 27, 2026
CVSS 6.6
EPSS 0.00
CVE-2026-48918 MEDIUM
Jenkins Active Directory Plugin < 2.41 - Server-Side Request Forgery (SSRF)
May 27, 2026
CVSS 6.6
EPSS 0.00
CVE-2026-48917 MEDIUM
Jenkins LDAP Plugin < 807.v7d7de30930cf - Deserialization of Untrusted Data from LDAP Referrals
May 27, 2026
CVSS 6.6
EPSS 0.00
CVE-2026-48916 MEDIUM
Jenkins Ldap Plugin < 807.v7d7de30930cf - Server-Side Request Forgery (SSRF)
May 27, 2026
CVSS 6.6
EPSS 0.00
CVE-2026-42525 MEDIUM
Jenkins Microsoft Entra ID Plugin <=666.v6060de32f87d - Open Redirect
Apr 29, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-42524 HIGH
Jenkins HTML Publisher Plugin < 427 - Stored Cross-Site Scripting in Legacy Wrapper File
Apr 29, 2026
CVSS 8.0
EPSS 0.00
CVE-2026-42523 CRITICAL
Jenkins GitHub Plugin < 1.46.0 - Stored Cross-Site Scripting via GitHub Hook Trigger Validation
Apr 29, 2026
CVSS 9.0
EPSS 0.00
CVE-2026-42522 MEDIUM
Jenkins GitHub Branch Source Plugin <=1967.vdea_d580c1a_b_a_ - Auth Bypass
Apr 29, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-42521 MEDIUM
Jenkins Project Jenkins Matrix Authorization Strategy Plugin < 3.2.9 - Information Disclosure
Apr 29, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-42520 HIGH
Jenkins Project Jenkins Credentials Binding Plugin < 719.v80e905ef14eb_ - Remote Code Execution
Apr 29, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-42519 MEDIUM
Jenkins Script Security Plugin <=1399.ve6a_66547f6e1 - Info Disclosure
Apr 29, 2026
CVSS 4.3
EPSS 0.00