19 Total CVEs
11 AI Analyzed
1 CISA KEV
2 Critical
All Vendors
Showing 1-19 of 19 CVEs
CVE-2026-57301
Analyzed
8.8
Jenkins OWASP ZAP Plugin

Jenkins OWASP ZAP Plugin 1

2026-06-25
CVE-2026-57296
Analyzed
8.8
Jenkins External Workspace Manager Plugin

Jenkins External Workspace Manager Plugin 1

2026-06-25
CVE-2026-57280
Analyzed
8.8
Jenkins Script Security Plugin

Jenkins Script Security Plugin 1402

2026-06-25
CVE-2026-53435
Analyzed
8.8
Jenkins Jenkins

In Jenkins 2

2026-06-11
CVE-2026-48920
Analyzed
8.8
Jenkins Email Extension

Jenkins Email Extension Plugin 1933

2026-05-28
CVE-2026-42524
8
Jenkins HTML Publisher

Jenkins HTML Publisher Plugin 427 and earlier does not escape job name and URL in the legacy wrapper file, resulting in a stored cross-site scripting...

2026-04-30
CVE-2026-42523
Analyzed
9
Jenkins GitHub Plugin

The Jenkins GitHub Plugin contains a stored cross-site scripting (XSS) vulnerability due to improper URL processing during GitHub hook trigger validat...

2026-04-30
CVE-2026-42520
7.5
Jenkins Credentials Binding

Jenkins Credentials Binding Plugin 719

2026-04-30
CVE-2026-33002
7.5
Jenkins Multiple Products

Jenkins 2

2026-03-20
CVE-2026-33001
8.8
Jenkins Multiple Products

Jenkins 2

2026-03-20
CVE-2026-27099
8
Jenkins Multiple Products

Jenkins 2

2026-02-19
CVE-2026-14336
Analyzed
8.2
Jenkins PIA (OIDC issuer allowlist)

PIA's OIDC issuer allowlist for Jenkins tokens uses a bare string-prefix check (issuer

2026-07-03
CVE-2025-67641
8
Jenkins Multiple Products

Jenkins Coverage Plugin 2

2025-12-11
CVE-2025-67635
7.5
Jenkins Multiple Products

Jenkins 2

2025-12-12
CVE-2025-64134
Analyzed
7.1
Jenkins Multiple Products

Jenkins JDepend Plugin 1

2025-10-29
CVE-2025-64131
Analyzed
7.5
Jenkins Multiple Products

Jenkins SAML Plugin 4

2025-10-29
CVE-2025-53652
Analyzed
8.2
Jenkins Multiple Products

Jenkins Git Parameter Plugin 439

2025-07-10
CVE-2025-53650
Analyzed
7.3
Jenkins Multiple Products

Jenkins Credentials Binding Plugin 687

2025-07-11
CVE-2017-1000353
KEV
9.5
Jenkins Jenkins

Jenkins Remote Code Execution Vulnerability - Active in CISA KEV catalog.

2025-10-02