Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / org.jenkins-ci.plugins

org.jenkins-ci.plugins

1,024 tracked vulnerabilities.

CVE-2026-42525 MEDIUM

Jenkins Microsoft Entra ID Plugin <=666.v6060de32f87d - Open Redirect

CVE-2026-42524 HIGH

Jenkins HTML Publisher Plugin < 427 - Stored Cross-Site Scripting in Legacy Wrapper File

CVE-2026-42523 CRITICAL

Jenkins GitHub Plugin < 1.46.0 - Stored Cross-Site Scripting via GitHub Hook Trigger Validation

CVE-2026-42522 MEDIUM

Jenkins GitHub Branch Source Plugin <=1967.vdea_d580c1a_b_a_ - Auth Bypass

CVE-2026-42521 MEDIUM

Jenkins Project Jenkins Matrix Authorization Strategy Plugin < 3.2.9 - Information Disclosure

CVE-2026-42520 HIGH

Jenkins Project Jenkins Credentials Binding Plugin < 719.v80e905ef14eb_ - Remote Code Execution

CVE-2026-42519 MEDIUM

Jenkins Script Security Plugin <=1399.ve6a_66547f6e1 - Info Disclosure

CVE-2026-33004 MEDIUM

Jenkins LoadNinja Plugin <=2.1 - Info Disclosure

CVE-2026-33003 MEDIUM

Jenkins LoadNinja Plugin <=2.1 - Info Disclosure

CVE-2025-67640 MEDIUM

Jenkins Git client Plugin < 6.4.1 - OS Command Injection via Workspace Directory Name

CVE-2025-64150 MEDIUM

Jenkins Publish to Bitbucket Plugin < 0.4 - Missing Authorization for Credential Capture via URL Connection

CVE-2025-64149 MEDIUM

Jenkins Publish to Bitbucket Plugin < 0.4 - Cross-Site Request Forgery

CVE-2025-64148 MEDIUM

Jenkins Publish to Bitbucket Plugin < 0.4 - Missing Authorization for Credential ID Enumeration

CVE-2025-64147 MEDIUM

Jenkins Curseforge Publisher Plugin 1.0 - Sensitive Data Exposure via Unmasked API Keys

CVE-2025-64146 MEDIUM

Jenkins Curseforge Publisher Plugin 1.0 - Unencrypted API Key Storage in config.xml

CVE-2025-64142 MEDIUM

Jenkins Nexus Task Runner Plugin <= 0.9.2 - Missing Authorization for URL Connection

CVE-2025-64141 MEDIUM

Jenkins Nexus Task Runner Plugin <= 0.9.2 - Cross-Site Request Forgery

CVE-2025-64140 HIGH

Jenkins Azure CLI Plugin < 0.9 - Authenticated OS Command Injection

CVE-2025-64139 MEDIUM

Jenkins Start Windocks Containers Plugin < 1.4 - Missing Authorization

CVE-2025-64138 MEDIUM

Jenkins Start Windocks Containers Plugin < 1.4 - Cross-Site Request Forgery

CVE-2025-64137 MEDIUM

Jenkins Themis < 1.4.1 - Server-Side Request Forgery via Missing Permission Check

CVE-2025-64136 MEDIUM

Jenkins Themis Plugin < 1.4.1 - Cross-Site Request Forgery

CVE-2025-64134 HIGH

Jenkins JDepend Plugin < 1.3.1 - XML External Entity Injection

CVE-2025-64131 HIGH

Jenkins SAML Plugin <4.583 - Auth Bypass

CVE-2025-58459 MEDIUM

Jenkins global-build-stats Plugin < 322.v22f4db_18e2dd - Improper Access Control in REST API Endpoints

Page 1 of 41 Next

Products

script-security 35 git 13 email-ext 11 active-directory 9 config-file-provider 9 electricflow 9 ec2 8 oic-auth 8 subversion 8 artifactory 7 credentials-binding 7 htmlpublisher 7 jobConfigHistory 7 mercurial 7 openshift-deployer 7 rundeck 7 azure-ad 6 azure-vm-agents 6 ec2-deployment-dashboard 6 fortify-on-demand-uploader 6 ghprb 6 gitlab-oauth 6 gitlab-plugin 6 pipeline-maven 6 repository-connector 6 aws-codecommit-trigger 5 codedx 5 credentials 5 delphix 5 extended-choice-parameter 5

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy