CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

153 matches found

NVD•added 2026/05/27 3:16 p.m.•8 views

CVE-2026-48921

Jenkins Pipeline: Groovy Libraries Plugin 797.v90eaa9be45a0 and earlier does not prohibit symbolic links in shared libraries, allowing attackers able to control the content of a library used by a Pipeline job to read arbitrary files on the Jenkins controller filesystem...

7.5CVSS0.00406EPSS

Exploits0References1

EUVD•added 2026/05/27 2:13 p.m.•4 views

EUVD-2026-32512

7.5CVSS5.9AI score0.00406EPSS

Exploits0References1

Vulnrichment•added 2026/05/27 2:13 p.m.•6 views

CVE-2026-48921

5.9AI score0.00406EPSS

Exploits0References1

CVE•added 2026/05/27 2:13 p.m.•8 views

CVE-2026-48921

CVE-2026-48921 affects Jenkins Pipeline: Groovy Libraries Plugin 797.v90ea_a_9b_e45a_0 and earlier. The root cause is that the plugin does not prohibit symbolic links in shared libraries, which allows an attacker who can control the library content used by a Pipeline job to read arbitrary files o...

7.5CVSS5.9AI score0.00406EPSS

Exploits0References1Affected Software1

Cvelist•added 2026/05/27 2:13 p.m.•32 views

CVE-2026-48921

0.00406EPSS

Exploits0References1

AlpineLinux•added 2026/05/27 2:13 p.m.•10 views

CVE-2026-48921

7.5CVSS5.9AI score0.00406EPSS

Exploits0References1

Positive Technologies•added 2026/05/27 12:0 a.m.•7 views

PT-2026-44014

Name of the Vulnerable Software and Affected Versions Jenkins Pipeline: Groovy Libraries Plugin versions prior to 797.v90ea a 9b e45a 0 Description The plugin does not prohibit symbolic links in shared libraries. This allows attackers who can control the content of a library used by a Pipeline jo...

7.5CVSS5.9AI score0.00406EPSS

Exploits0References4

CNNVD•added 2026/05/27 12:0 a.m.•4 views

Jenkins Pipeline: Groovy Libraries Plugin 安全漏洞

Jenkins Pipeline: The Groovy Libraries Plugin is an open-source Jenkins Pipeline plugin that manages Groovy libraries. The Jenkins Pipeline: Groovy Libraries Plugin versions 797.v90eaa9be45a0 and earlier have security vulnerabilities. These vulnerabilities stem from the lack of protection against...

7.5CVSS5.9AI score0.00406EPSS

Exploits0References1

Tenable Nessus•added 2026/05/27 12:0 a.m.•10 views

Jenkins plugins Multiple Vulnerabilities (2026-05-27)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Jenkins buildgraph-view Plugin 1.8 and earlier does not escape the build URL, resulting in a stored cross- site scripting XSS vulnerability...

8.8CVSS6.4AI score0.01768EPSS

Exploits0References14

Tenable Nessus•added 2026/05/06 12:0 a.m.•6 views

RHCOS 3 : Red Hat OpenShift Container Platform 3.11 jenkins-2-plugins (RHSA-2019:2651)

The remote Red Hat Enterprise Linux CoreOS 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:2651 advisory. - jenkins-plugin-script-security: Sandbox bypass through type casts in Script Security Plugin CVE-2019-10355 -...

8.8CVSS5.8AI score0.00063EPSS

Exploits0References8

Tenable Nessus•added 2026/05/06 12:0 a.m.•3 views

RHCOS 4 : OpenShift Container Platform 4.9.33 (RHSA-2022:2205)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:2205 advisory. - credentials: Stored XSS vulnerabilities in jenkins plugin CVE-2022-29036 - Jira: Stored XSS vulnerabilities in Jenkins Jira plugin...

5.4CVSS5.9AI score0.00355EPSS

Exploits0References10

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-7049