CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

RedhatCVE•added 2026/03/26 3:16 p.m.•4 views

CVE-2026-33004

Jenkins LoadNinja Plugin 2.1 and earlier does not mask LoadNinja API keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

4.3CVSS5.8AI score0.00217EPSS

Exploits0References1

Github Security Blog•added 2026/03/18 6:31 p.m.•8 views

Jenkins LoadNinja Plugin stores LoadNinja API keys unencrypted in job config.xml files

Jenkins LoadNinja Plugin 2.1 and earlier stores LoadNinja API keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

4.3CVSS5.8AI score0.00142EPSS

Exploits0References3Affected Software1

OSV•added 2026/03/18 6:31 p.m.•4 views

GHSA-P9HG-WRMV-V8CP Jenkins LoadNinja Plugin does not mask LoadNinja API keys displayed on the job configuration form

Jenkins LoadNinja Plugin 2.1 and earlier does not mask LoadNinja API keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

4.3CVSS5.8AI score0.00217EPSS

Exploits0References3

Github Security Blog•added 2026/03/18 6:31 p.m.•8 views

Jenkins LoadNinja Plugin does not mask LoadNinja API keys displayed on the job configuration form

Jenkins LoadNinja Plugin 2.1 and earlier does not mask LoadNinja API keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

4.3CVSS5.8AI score0.00217EPSS

Exploits0References3Affected Software1

NVD•added 2026/03/18 4:16 p.m.•8 views

CVE-2026-33003

4.3CVSS0.00142EPSS

Exploits0References1

ATTACKERKB•added 2026/03/18 3:15 p.m.•4 views

CVE-2026-33004

Jenkins LoadNinja Plugin 2.1 and earlier does not mask LoadNinja API keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

5.8AI score0.00217EPSS

Exploits0References2

CVE•added 2026/03/18 3:15 p.m.•26 views

CVE-2026-33004

CVE-2026-33004 affects Jenkins LoadNinja Plugin 2.1 and earlier, where API keys are displayed in plain text on the job configuration form and not masked. This creates a risk of credential observation/capture by users with access to the Jenkins UI or filesystem. The issue is documented across mult...

4.3CVSS5.8AI score0.00217EPSS

Exploits0References1Affected Software1

Cvelist•added 2026/03/18 3:15 p.m.•12 views

CVE-2026-33004

Jenkins LoadNinja Plugin 2.1 and earlier does not mask LoadNinja API keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

0.00217EPSS

Exploits0References1

Tenable Nessus•added 2026/03/18 12:0 a.m.•6 views

Jenkins plugin Multiple Vulnerabilities (2026-03-18)

According to its self-reported version number, the version of Jenkins plugins running on the remote web server is affected by multiple vulnerabilities: - Jenkins LoadNinja Plugin 2.1 and earlier stores LoadNinja API keys unencrypted in job config.xml files on the Jenkins controller where they can...

8.8CVSS6AI score0.0075EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by