Where
-Infinity
0

Trending

Last week
Last month
Last year

Jenkins JenkinsA missing permission check in Jenkins 2.540 and earlier, LTS 2.528.2 and earlier allows attackers wi…

Risk 24
Severity
4.3
First published (updated )
CVE-2025-67636

Jenkins Gatling PluginXSS

Risk 54
Severity
8
EPSS
0.05%
First published (updated )
CVE-2025-5806

Jenkins JenkinsA missing permission check in Jenkins 2.503 and earlier, LTS 2.492.2 and earlier allows attackers wi…

Risk 17
Severity
4.3
EPSS
0.03%
First published (updated )
CVE-2025-31721

Jenkins JenkinsA missing permission check in Jenkins 2.503 and earlier, LTS 2.492.2 and earlier allows attackers wi…

Risk 17
Severity
4.3
EPSS
0.03%
First published (updated )
CVE-2025-31720

Jenkins JenkinsIn Jenkins 2.499 and earlier, LTS 2.492.1 and earlier, redirects starting with backslash (`\`) chara…

Risk 16
Severity
4.3
EPSS
0.03%
First published (updated )
CVE-2025-27625
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Jenkins JenkinsCSRF

Risk 25
Severity
5.4
EPSS
0.02%
First published (updated )
CVE-2025-27624

Jenkins JenkinsJenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when …

Risk 17
Severity
4.3
EPSS
0.01%
First published (updated )
CVE-2025-27623

Jenkins JenkinsJenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when …

Risk 17
Severity
4.3
EPSS
0.01%
First published (updated )
CVE-2025-27622

Jenkins Jenkins 2.492Reached end of life

EOL
Apr 30, 2025
First published (updated )
EOL-jenkins-2.492

maven/org.jenkins-ci.main:jenkins-coreIf an attempt is made to create an item of a type prohibited by `ACL#hasCreatePermission2` or `TopLe…

Risk 24
Severity
4.3
First published (updated )
CVE-2024-47804
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

maven/org.jenkins-ci.main:jenkins-coreJenkins 2.478 and earlier, LTS 2.462.2 and earlier does not redact multi-line secret values in error…

Risk 24
Severity
4.3
First published (updated )
CVE-2024-47803

Jenkins Jenkins 2.479Reached end of life

EOL
Feb 5, 2025
First published (updated )
latest-version-jenkins-2.479

Jenkins Jenkins 2.479Reached end of life

EOL
Feb 5, 2025
First published (updated )
EOL-jenkins-2.479

Jenkins JenkinsJenkins 2.470 and earlier, LTS 2.452.3 and earlier allows agent processes to read arbitrary files fr…

Risk 46
First published (updated )
REDHAT-BUG-2303466

maven/org.jenkins-ci.main:jenkins-coreJenkins 2.470 and earlier, LTS 2.452.3 and earlier does not perform a permission check in an HTTP en…

Risk 48
Severity
6.3
First published (updated )
CVE-2024-43045
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

maven/org.jenkins-ci.main:jenkins-corePath Traversal

Risk 83
Severity
9.1
First published (updated )
CVE-2024-43044

Jenkins Jenkins 2.452Reached end of life

EOL
Aug 7, 2024
First published (updated )
EOL-jenkins-2.452

Jenkins Jenkins 2.452Reached end of life

EOL
Aug 7, 2024
First published (updated )
latest-version-jenkins-2.452

Jenkins Jenkins 2.462Reached end of life

EOL
Oct 2, 2024
First published (updated )
EOL-jenkins-2.462

Jenkins Jenkins 2.462Reached end of life

EOL
Oct 2, 2024
First published (updated )
latest-version-jenkins-2.462
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Vulnerability in Jenkins

First published (updated )
https://seclists.org/oss-sec/2024/q1/237

BleepingComputerExploits released for critical Jenkins RCE flaw, patch now

First published (updated )
News
BleepingComputer

Jenkins JenkinsJenkins 2.217 through 2.441 (both inclusive), LTS 2.222.1 through 2.426.2 (both inclusive) does not …

Risk 58
Severity
8.8
EPSS
0.09%
First published (updated )
CVE-2024-23898

Multiple vulnerabilities in Jenkins and Jenkins plugins

First published (updated )
https://seclists.org/oss-sec/2024/q1/50

Jenkins Jenkins 2.440Reached end of life

EOL
May 15, 2024
First published (updated )
latest-version-jenkins-2.440
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Jenkins Jenkins 2.440Reached end of life

EOL
May 15, 2024
First published (updated )
EOL-jenkins-2.440

Jenkins Jenkins 2.426Reached end of life

EOL
Feb 21, 2024
First published (updated )
latest-version-jenkins-2.426

Jenkins Jenkins 2.426Reached end of life

EOL
Feb 21, 2024
First published (updated )
EOL-jenkins-2.426

maven/org.jenkins-ci.main:jenkins-coreIn Jenkins 2.423 and earlier, LTS 2.414.1 and earlier, processing file uploads using MultipartFormDa…

Risk 64
Severity
8.1
First published (updated )
CVE-2023-43498

maven/org.jenkins-ci.main:jenkins-coreMalicious File Upload

Risk 62
Severity
8.1
First published (updated )
CVE-2023-43497
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203