EIP-2026-103952

PRE-CVE

Jenkins - Script-Console Java Execution (Metasploit)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103952. PoCs published by Metasploit.

AI-analyzed exploit summary This Metasploit module exploits Jenkins Script Console to execute arbitrary OS commands via Java Runtime.exec(). It supports Windows, Linux, and Unix targets, with authentication handling and payload staging.

Description

Jenkins - Script-Console Java Execution (Metasploit)

Exploits (1)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotemultiple

https://www.exploit-db.com/exploits/24272

View Code ZIP pw:eip

This Metasploit module exploits Jenkins Script Console to execute arbitrary OS commands via Java Runtime.exec(). It supports Windows, Linux, and Unix targets, with authentication handling and payload staging.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Jenkins (Script Console feature)

Auth required

Prerequisites: Access to Jenkins Script Console · Valid credentials if authentication is enabled

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026