## Summary

| Metric | Value |
|---|---|
| CVEs | 77 |
| Critical | 1 |
| High | 19 |
| KEV | 0 |
| PoC | 1 |
| Unpatched C/H | 4 |
| Patch Rate | 45.5% |
| Avg EPSS | 0.0% |
## Severity Breakdown

| Severity | Count |
|---|---|
| CRITICAL | 1 |
| HIGH | 19 |
| MEDIUM | 56 |
| LOW | 0 |
## Monthly CVE Trend
## Affected Products (30)

| Product | CVEs |
|---|---|
| Jervis | 7 |
| Applitools Eyes | 3 |
| Cadence Vmanager | 3 |
| Open Redirect | 3 |
| Java | 3 |
| Nouvola Divecloud | 2 |
| Vaddy | 2 |
| Azure Service Fabric | 2 |
| Qmetry Test Management | 2 |
| Xooa | 2 |
| Sensedia Api Platform Tools | 2 |
| Readyapi Functional Testing | 2 |
| Apica Loadtest | 2 |
| Asakusasatellite | 2 |
| Statistics Gatherer | 2 |
| Docker | 2 |
| Monitor Remote Job | 1 |
| Openid Connect Authentication | 1 |
| Openid Connect Provider | 1 |
| Opentelemetry | 1 |
| Simple Queue | 1 |
| Ssh Agent | 1 |
| Ssh Slave | 1 |
| Stack Hammer | 1 |
| Templating Engine | 1 |
| Testsigma Test Plan Run | 1 |
| User1st Utester | 1 |
| Virtual Appliance Application | 1 |
| Virtual Appliance Host | 1 |
| Warrior Framework | 1 |
## Top Risky CVEs

| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2026-42523 | Jenkins GitHub Plugin 1.46.0 and earlier improperly processes the current job URL as part of JavaScript implementing validation of the feature "GitHub | CRITICAL | 9.0 | 0.0% | 45 | |
| CVE-2026-48920 | Arbitrary file disclosure in the Jenkins Email Extension Plugin (email-ext) versions 1933.v45cec755423f and earlier lets users who can control email content abuse the data-inline image attribute to supply file: URLs, causing the Jenkins controller to read local files and embed their contents as base64 inside outgoing emails. An authenticated attacker with rights to edit job email configuration or templates (CVSS PR:L) can exfiltrate controller secrets, credentials, and configuration. No public exploit was identified at the time of analysis and CISA's SSVC rates exploitation as none, but the CVSS 8.8 score and 'total' technical impact make controller secret theft a serious concern in shared Jenkins environments. | HIGH | 8.8 | 0.0% | 44 | No patch |
| CVE-2026-33001 | Jenkins versions 2.554 and earlier (LTS 2.541.2 and earlier) contain a path traversal vulnerability in their handling of tar and tar.gz archive extraction that fails to safely process symbolic links, allowing attackers to write files to arbitrary filesystem locations. Attackers with Item/Configure permission or control over Jenkins agent processes can exploit this to deploy malicious scripts and plugins on the Jenkins controller, achieving code execution with the privileges of the Jenkins process. The vulnerability is particularly concerning because it affects the core Jenkins application and enables privilege escalation through plugin installation mechanisms. | HIGH | 8.8 | 0.0% | 44 | |
| CVE-2026-33166 | Path traversal in the Allure report generator for Jenkins allows unauthenticated attackers to read arbitrary files from the host system by crafting malicious test result files with specially crafted attachment paths. The vulnerability stems from insufficient path validation when processing attachments during report generation, enabling sensitive files to be included in generated reports. A patch is not currently available. | HIGH | 8.6 | 0.0% | 43 | |
| CVE-2025-53652 | Jenkins Git Parameter Plugin 439.vb_0e46ca_14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices, allowing attackers with Item/Build permission to inject arbitrary values into Git parameters. | HIGH | 8.2 | 0.0% | 41 | |
| CVE-2026-27099 | Jenkins versions 2.483-2.550 and LTS 2.492.1-2.541.1 contain a stored XSS vulnerability in the agent offline cause description field, which fails to properly sanitize user input. Attackers with Agent/Configure or Agent/Disconnect permissions can inject malicious scripts that execute in the browsers of other users viewing the affected agent configuration. No patch is currently available for this vulnerability. | HIGH | 8.0 | 0.0% | 40 | |
| CVE-2026-42524 | Jenkins HTML Publisher Plugin 427 and earlier does not escape job name and URL in the legacy wrapper file, resulting in a stored cross-site scripting | HIGH | 8.0 | 0.0% | 40 | |
| CVE-2025-5806 | A cross-site scripting vulnerability (CVSS 8.0). High severity vulnerability requiring prompt remediation. | HIGH | 8.0 | 0.0% | 40 | |
| CVE-2026-42520 | Jenkins Credentials Binding Plugin 719.v80e905ef14eb_ and earlier does not sanitize file names for file and zip file credentials, allowing attackers a | HIGH | 7.5 | 0.3% | 38 | |
| CVE-2026-48922 | Arbitrary file write in the Jenkins Credentials Binding Plugin (version 720.v3f6decef43ea_ and earlier) lets users who can supply file or zip-file credentials to a job write files to attacker-chosen paths on the node filesystem, escalating to remote code execution when Jenkins is configured to let a low-privileged user configure such credentials for a job running on the built-in node. The flaw stems from missing file-name sanitization on the file and zip credential types. Rated CVSS 7.5 with high attack complexity (AC:H); no public exploit was identified at the time of analysis and the issue is not in CISA KEV. | HIGH | 7.5 | 0.2% | 38 | No patch |
| CVE-2025-68704 | Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, Jervis uses java.util.Random(), which is not cryptographically secure, for timing attack mitigation. [CVSS 7.5 HIGH] | HIGH | 7.5 | 0.0% | 38 | |
| CVE-2026-48921 | Arbitrary file read on the Jenkins controller is possible in the Jenkins 'Pipeline: Groovy Libraries Plugin' (version 797.v90ea_a_9b_e45a_0 and earlier), where the plugin fails to prohibit symbolic links inside shared libraries. An attacker who can control the contents of a shared library consumed by a Pipeline job can plant symlinks that resolve to sensitive files (credentials, secrets, configuration) on the controller filesystem and exfiltrate them through the build. No public exploit was identified at the time of analysis, and SSVC marks exploitation status as none, so this is a patch-and-move-on issue rather than an active-exploitation emergency. | HIGH | 7.5 | 0.0% | 38 | No patch |
| CVE-2025-68931 | Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, AES/CBC/PKCS5Padding is used without authentication, making it vulnerable to padding oracle attacks and ciphertext manipulation. [CVSS 7.5 HIGH] | HIGH | 7.5 | 0.0% | 38 | |
| CVE-2025-68701 | Jervis versions up to 2.2 are affected by use of a broken or risky cryptographic algorithm (CVSS 7.5). | HIGH | 7.5 | 0.0% | 38 | |
| CVE-2025-68702 | Jervis versions up to 2.2 are affected by use of a broken or risky cryptographic algorithm (CVSS 7.5). | HIGH | 7.5 | 0.0% | 38 | |