Where
AND
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how jenkins compares to other vendors in security performance

View Risk Score →

Software

jenkins
91
jenkins lts
61
jenkins pipeline
21
jenkins script security
13
jenkins jenkins
11
jenkins openid connect authentication plugin
5
jenkins performance publisher
5
jenkins azure ad
4
jenkins build failure analyzer plugin
4
jenkins kubernetes ci
4
jenkins pipeline maven integration
4
jenkins repository connector
4
jenkins websphere deployer
4
jenkins compuware topaz for total test
3
jenkins jenkins lts
3
jenkins nexus platform
3
jenkins relution enterprise appstore publisher
3
jenkins saml single sign-on
3
jenkins assembla auth
2
jenkins bitbucket oauth
2
jenkins checkmarx
2
jenkins cloudbees jenkins
2
jenkins cobertura
2
jenkins code coverage api
2
jenkins config file provider
2
jenkins coverity
2
jenkins deployer framework
2
jenkins elasticbox ci
2
jenkins embeddable build status
2
jenkins flaky test handler
2
jenkins folders jenkins
2
jenkins git
2
jenkins gitlab
2
jenkins health advisor
2
jenkins html publisher
2
jenkins icescrum
2
jenkins jx resources
2
jenkins libvirt agents
2
jenkins matrix project
2
jenkins on amazon ec2
2
jenkins orka
2
jenkins pipeline github notify step
2
jenkins pipeline utility steps
2
jenkins rapiddeploy
2
jenkins role-based authorization strategy
2
jenkins scp publisher
2
jenkins slack notification
2
jenkins swarm
2
jenkins templating engine plugin
2
jenkins token macro
2

Jenkins HTML Publisher PluginXSS

Risk 75
Severity
8
First published (updated )
CVE-2026-42524

Jenkins Credentials Binding PluginPath Traversal

Risk 73
Severity
7.5
First published (updated )
CVE-2026-42520

Jenkins JenkinsJenkins 2.442 through 2.554 (both inclusive), LTS 2.426.3 through LTS 2.541.2 (both inclusive) perfo…

Risk 52
Severity
7.5
EPSS
0.05%
First published (updated )
CVE-2026-33002

Jenkins JenkinsJenkins 2.554 and earlier, LTS 2.541.2 and earlier does not safely handle symbolic links during the …

Risk 58
Severity
8.8
EPSS
0.12%
First published (updated )
CVE-2026-33001

Jenkins JenkinsXSS

Risk 54
Severity
8
EPSS
0.04%
First published (updated )
CVE-2026-27099
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Jenkins Coverage PluginXSS

Risk 75
Severity
8
First published (updated )
CVE-2025-67641

Jenkins JenkinsJenkins 2.540 and earlier, LTS 2.528.2 and earlier does not properly close HTTP-based CLI connection…

Risk 46
Severity
7.5
First published (updated )
CVE-2025-67635

Jenkins Azure CLI PluginOS Command Injection

Risk 83
Severity
8.8
First published (updated )
CVE-2025-64140

Jenkins JDepend PluginXEE

Risk 51
Severity
7.1
First published (updated )
CVE-2025-64134

Jenkins SAML PluginJenkins SAML Plugin 4.583.vc68232f7018a_ and earlier does not implement a replay cache, allowing att…

Risk 72
Severity
7.5
First published (updated )
CVE-2025-64131
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Jenkins Applitools Eyes PluginXSS

Risk 75
Severity
8
First published (updated )
CVE-2025-53658

Jenkins Git Parameter PluginInput Validation

Risk 57
Severity
8.2
First published (updated )
CVE-2025-53652

Jenkins Credentials Binding PluginJenkins Credentials Binding Plugin 687.v619cb_15e923f and earlier does not properly mask (i.e., repl…

Risk 54
Severity
7.3
First published (updated )
CVE-2025-53650

Jenkins Gatling PluginXSS

Risk 54
Severity
8
EPSS
0.05%
First published (updated )
CVE-2025-5806

cloudbees Jenkins Health Advisor by CloudBees PluginXSS

Risk 58
Severity
8.8
EPSS
0.04%
First published (updated )
CVE-2025-47885
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Jenkins Templating Engine PluginCode Injection

Risk 58
Severity
8.8
EPSS
0.08%
First published (updated )
CVE-2025-31722

Jenkins AnchorChain PluginXSS

Risk 54
Severity
8
EPSS
0.03%
First published (updated )
CVE-2025-30196

maven/io.jenkins.plugins:atlassian-bitbucket-server-integrationCSRF

Risk 58
Severity
8.8
EPSS
0.04%
First published (updated )
CVE-2025-24398

Jenkins Openid Connect Authentication JenkinsJenkins OpenId Connect Authentication Plugin 4.452.v2849b_d3945fa_ and earlier, except 4.438.440.v3f…

Risk 58
Severity
8.8
EPSS
0.04%
First published (updated )
CVE-2025-24399

maven/io.jenkins.plugins:simple-queueXSS

Risk 75
Severity
8
First published (updated )
CVE-2024-54003
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Jenkins Pipeline: Groovy PluginJenkins Pipeline: Groovy Plugin 3990.vd281dd77a_388 and earlier, except 3975.3977.v478dd9e956c3 does…

Risk 33
Severity
7
First published (updated )
REDHAT-BUG-2326043

Jenkins Pipeline: Declarative PluginJenkins Pipeline: Declarative Plugin 2.2214.vb_b_34b_2ea_9b_83 and earlier does not check whether th…

Risk 33
Severity
7
First published (updated )
REDHAT-BUG-2326047

maven/io.jenkins.plugins:shared-library-version-overrideJenkins Shared Library Version Override Plugin 17.v786074c9fce7 and earlier declares folder-scoped l…

Risk 83
Severity
8.8
First published (updated )
CVE-2024-52554

maven/org.jenkins-ci.plugins:authorize-projectXSS

Risk 75
Severity
8
First published (updated )
CVE-2024-52552

maven/org.jenkins-ci.plugins:oic-authJenkins OpenId Connect Authentication Plugin 4.418.vccc7061f5b_6d and earlier does not invalidate th…

Risk 81
Severity
8.8
First published (updated )
CVE-2024-52553
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

maven/org.jenkinsci.plugins:pipeline-model-parentJenkins Pipeline: Declarative Plugin 2.2214.vb_b_34b_2ea_9b_83 and earlier does not check whether th…

Risk 76
Severity
8
First published (updated )
CVE-2024-52551

Jenkins Pipeline\Jenkins Pipeline: Groovy Plugin 3990.vd281dd77a_388 and earlier, except 3975.3977.v478dd9e956c3 does…

Risk 76
Severity
8
First published (updated )
CVE-2024-52550

maven/org.jenkins-ci.plugins:oic-authJenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and earlier does not check the `is…

Risk 79
Severity
8.1
First published (updated )
CVE-2024-47807

maven/org.jenkins-ci.plugins:oic-authJenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and earlier does not check the `au…

Risk 79
Severity
8.1
First published (updated )
CVE-2024-47806

maven/org.jenkins-ci.plugins:credentialsInfoleak

Risk 46
Severity
7.5
First published (updated )
CVE-2024-47805
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203