Lucene search
K

105 matches found

NVD
NVD
added 2026/06/24 2:17 p.m.11 views

CVE-2026-57300

A missing permission check in Jenkins MCP Server Plugin 0.177.v629fdb2557fe and earlier allows attackers with Item/Read permission to read the Pipeline replay scripts of jobs they can access...

4.3CVSS0.00178EPSS
Exploits0References1
NVD
NVD
added 2026/06/24 2:17 p.m.9 views

CVE-2026-57286

A missing permission check in Jenkins Git Parameter Plugin 462.vdcf3df2ed2ca and earlier allows attackers with Item/Read permission to obtain information about the SCM repository used by a job, such as branch names, tag names, and revision metadata...

4.3CVSS0.00216EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 1:20 p.m.10 views

EUVD-2026-38781

A missing permission check in Jenkins MCP Server Plugin 0.177.v629fdb2557fe and earlier allows attackers with Item/Read permission to read the Pipeline replay scripts of jobs they can access...

4.3CVSS5.9AI score0.00178EPSS
Exploits0References1
CVE
CVE
added 2026/06/24 1:20 p.m.24 views

CVE-2026-57300

The CVE-2026-57300 entry concerns Jenkins MCP Server Plugin versions 0.177.v629fdb_2557fe and earlier, where a missing permission check allows attackers with Item/Read permission to read Pipeline replay scripts for jobs they can access. The vulnerability stems from inadequate access control on pi...

4.3CVSS5.9AI score0.00178EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/24 1:20 p.m.6 views

CVE-2026-57286

A missing permission check in Jenkins Git Parameter Plugin 462.vdcf3df2ed2ca and earlier allows attackers with Item/Read permission to obtain information about the SCM repository used by a job, such as branch names, tag names, and revision metadata...

4.3CVSS5.9AI score0.00216EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 1:20 p.m.9 views

EUVD-2026-38766

A missing permission check in Jenkins Git Parameter Plugin 462.vdcf3df2ed2ca and earlier allows attackers with Item/Read permission to obtain information about the SCM repository used by a job, such as branch names, tag names, and revision metadata...

4.3CVSS5.9AI score0.00216EPSS
Exploits0References1
CVE
CVE
added 2026/06/24 1:20 p.m.15 views

CVE-2026-57286

CVE-2026-57286 describes a missing permission check in the Jenkins Git Parameter Plugin (462.vdcf3df2ed2ca_ and earlier). This allows users with Item/Read permission to obtain information about the SCM repository used by a job (e.g., branch names, tag names, and revision metadata). The impact is ...

4.3CVSS5.9AI score0.00216EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/16 12:57 p.m.8 views

CVE-2026-53438

A flaw was found in Jenkins. A missing permission check allows an attacker, who has 'Item/Cancel' permission but lacks 'Item/Read' permission, to cancel queue items they are not authorized to view. This could lead to unauthorized disruption of queued tasks within Jenkins...

6.5CVSS5.2AI score0.00213EPSS
Exploits0References4
OSV
OSV
added 2026/06/12 8:43 a.m.7 views

BIT-JENKINS-2026-53438

A missing permission check in Jenkins 2.567 and earlier, LTS 2.555.2 and earlier allows attackers with Item/Cancel permission, but lacking Item/Read permission, to cancel queue items they do not have permission to view...

4.3CVSS5.4AI score0.00213EPSS
Exploits0References2
OSV
OSV
added 2026/06/10 2:16 p.m.2 views

CVE-2026-53438

A missing permission check in Jenkins 2.567 and earlier, LTS 2.555.2 and earlier allows attackers with Item/Cancel permission, but lacking Item/Read permission, to cancel queue items they do not have permission to view...

4.3CVSS6AI score
Exploits0References1
Cvelist
Cvelist
added 2026/06/10 1:6 p.m.40 views

CVE-2026-53442

Jenkins 2.567 and earlier, LTS 2.555.2 and earlier does not encrypt secrets from POST config.xml submissions before storing them in job configurations unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission, or access to t...

0.0019EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/10 1:5 p.m.12 views

EUVD-2026-36022

A missing permission check in Jenkins 2.567 and earlier, LTS 2.555.2 and earlier allows attackers with Item/Cancel permission, but lacking Item/Read permission, to cancel queue items they do not have permission to view...

4.3CVSS5.5AI score0.00213EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/10 1:5 p.m.8 views

CVE-2026-53438

A missing permission check in Jenkins 2.567 and earlier, LTS 2.555.2 and earlier allows attackers with Item/Cancel permission, but lacking Item/Read permission, to cancel queue items they do not have permission to view...

5.5AI score0.00213EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/02 12:0 a.m.16 views

EUVD-2026-33854

A security flaw has been discovered in Orthanc DICOM Server up to 1.12.11. This issue affects the function DcmItem::read of the file OrthancFramework/Sources/DicomParsing/FromDcmtkBridge.cpp of the component DCMTK Parser. Performing a manipulation results in stack-based buffer overflow. Attacking...

4.8CVSS5.8AI score0.00124EPSS
Exploits0References8
CVE
CVE
added 2026/06/02 12:0 a.m.37 views

CVE-2026-10528

Orthanc DICOM Server (

4.8CVSS5.8AI score0.00124EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/03/18 3:15 p.m.5 views

CVE-2026-33003

Jenkins LoadNinja Plugin 2.1 and earlier stores LoadNinja API keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

4.3CVSS5.8AI score0.00142EPSS
Exploits0References2
Veracode
Veracode
added 2025/12/13 4:18 a.m.7 views

Sensitive Information Disclosure

Jenkins Curseforge Publisher Plugin is vulnerable to Sensitive Information Disclosure. The vulnerability is due to storing API keys in plaintext in job configuration files, allowing users with Item/Extended Read permission or file system access on the Jenkins controller to view and misuse the...

4.3CVSS6.8AI score0.00158EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-4887

Malicious code in bioql PyPI...

4.3CVSS4.7AI score0.01982EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2022-6349

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.00995EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-1003

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00876EPSS
Exploits0References10
Rows per page
Query Builder