CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

Veracode•added 2025/12/13 4:54 a.m.•5 views

Authorization Bypass

Jenkins global-build-stats Plugin is vulnerable to Authorization Bypass. The vulnerability is due to missing permission checks in REST API endpoints, where the plugin exposes graph-related APIs without validating the caller’s authorization, and allows attackers with Overall/Read permission to...

4.3CVSS6.3AI score0.00059EPSS

Exploits0References3Affected Software1

OSV•added 2025/09/03 3:15 p.m.•0 views

CVE-2025-58459

Jenkins global-build-stats Plugin 322.v22f4db18e2dd and earlier does not perform permission checks in its REST API endpoints, allowing attackers with Overall/Read permission to enumerate graph IDs...

4.3CVSS6.7AI score

Exploits0References2

AlpineLinux•added 2025/09/03 3:15 p.m.•3 views

CVE-2025-58459

Jenkins global-build-stats Plugin 322.v22f4db18e2dd and earlier does not perform permission checks in its REST API endpoints, allowing attackers with Overall/Read permission to enumerate graph IDs...

4.3CVSS6.5AI score0.00059EPSS

Exploits0References2

Vulnrichment•added 2025/09/03 3:2 p.m.•2 views

CVE-2025-58459

Jenkins global-build-stats Plugin 322.v22f4db18e2dd and earlier does not perform permission checks in its REST API endpoints, allowing attackers with Overall/Read permission to enumerate graph IDs...

6.3AI score0.00059EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by