CVE-2025-59474

🗓️ 17 Sep 2025 13:17:47Reported by jenkinsType

CVE-2025-59474: Jenkins sidepanel allows listing agent names without Overall or Read permission.

Reporter	Title	Published	Views	Family All 33
AlpineLinux	CVE-2025-59474	17 Sep 202514:15	–	alpinelinux
FreeBSD	jenkins -- multiple vulnerabilities	17 Sep 202500:00	–	freebsd
Chainguard	CVE-2025-59474 vulnerabilities	20 Sep 202513:30	–	cgr
Circl	CVE-2025-59474	23 Sep 202521:02	–	circl
CNNVD	Jenkins 安全漏洞	17 Sep 202500:00	–	cnnvd
CVE	CVE-2025-59474	17 Sep 202513:17	–	cve
EUVD	EUVD-2025-29723	3 Oct 202520:07	–	euvd
Tenable Nessus	FreeBSD : jenkins -- multiple vulnerabilities (b9b668f0-96ec-4568-b618-2edea45d6933)	18 Sep 202500:00	–	nessus
Tenable Nessus	Jenkins LTS < 2.516.3 / Jenkins weekly < 2.528 Multiple Vulnerabilities	17 Sep 202500:00	–	nessus
Tenable Nessus	Jenkins Sidepanel Unauthorized Agent/Queue Exposure	21 Oct 202500:00	–	nessus

[
  {
    "vendor": "Jenkins Project",
    "product": "Jenkins",
    "versions": [
      {
        "version": "0",
        "versionType": "maven",
        "lessThan": "2.387",
        "status": "unaffected"
      },
      {
        "version": "2.516.3",
        "versionType": "maven",
        "lessThan": "2.516.*",
        "status": "unaffected"
      },
      {
        "version": "2.528",
        "versionType": "maven",
        "lessThan": "*",
        "status": "unaffected"
      }
    ],
    "defaultStatus": "affected"
  }
]

Source	Link
jenkins	www.jenkins.io/security/advisory/2025-09-17/

17 Sep 2025 13:17Current

EPSS0.00111