CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2026/04/29 1:31 p.m.•25 views

CVE-2026-42524

0.00051EPSS

CVE•added 2026/04/29 1:31 p.m.•4 views

CVE-2026-42524

CVE-2026-42524 : Jenkins HTML Publisher Plugin 427 and earlier is vulnerable to a stored XSS due to not escaping the job name and URL in the legacy wrapper file. This can be exploited by attackers with Item/Configure permission. The public descriptions identify the affected component and the root...

8CVSS4.8AI score0.00051EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2026/04/29 12:0 a.m.•1 views

PT-2026-35918

Name of the Vulnerable Software and Affected Versions Jenkins HTML Publisher Plugin versions prior to 428 Description Stored cross-site scripting XSS occurs because the legacy wrapper file fails to escape the job name and URL. This allows attackers with Item/Configure permissions to execute...

8CVSS6AI score0.00051EPSS

Exploits0References7

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-2469

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00342EPSS

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-4916

Malicious code in bioql PyPI...

5.4CVSS5.4AI score0.00162EPSS

Exploits0References9

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-1047

Malicious code in bioql PyPI...

4.7CVSS5AI score0.00176EPSS

RedhatCVE•added 2025/07/11 3:42 p.m.•6 views

CVE-2025-53651

Jenkins HTML Publisher Plugin 425 and earlier displays log messages that include the absolute paths of files archived during the Publish HTML reports post-build step, exposing information about the Jenkins controller file system in the build log...

6.3CVSS6.7AI score0.01314EPSS

OSV•added 2025/07/09 6:30 p.m.•4 views

GHSA-367V-5PPJ-2HRX Jenkins HTML Publisher Plugin vulnerability displays controller file system information in its logs

4.3CVSS5.7AI score0.01314EPSS

Exploits0References4

OSV•added 2025/07/09 4:15 p.m.•4 views

CVE-2025-53651

6.3CVSS5.7AI score

Exploits0References2

AlpineLinux•added 2025/07/09 4:15 p.m.•3 views

CVE-2025-53651

6.3CVSS6.8AI score0.01314EPSS

Exploits0References2

CVE•added 2025/07/09 3:39 p.m.•19 views

CVE-2025-53651

CVE-2025-53651 affects the Jenkins HTML Publisher Plugin, 425 and earlier. The issue arises because log messages include the absolute paths of files archived during the Publish HTML reports post-build step, exposing information about the Jenkins controller filesystem in build logs. The Connected ...

6.3CVSS6.2AI score0.01314EPSS

Exploits0References2Affected Software1

Cvelist•added 2025/07/09 3:39 p.m.•7 views

CVE-2025-53651

0.01314EPSS

Positive Technologies•added 2025/07/09 12:0 a.m.•4 views

PT-2025-28903 · Jenkins · Jenkins Html Publisher Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins HTML Publisher Plugin versions prior to 426 Description: The Jenkins HTML Publisher Plugin versions prior to 426 displays log messages that include the absolute paths of files archived during the Publish HTML reports post-build step,...

6.5CVSS5.8AI score0.01314EPSS

Exploits0References11

RedHat Linux•added 2024/07/17 6:49 p.m.•4 views

jenkins-2-plugins: Improper input sanitization in HTML Publisher Plugin

A flaw was found in jenkins-2-plugins. In the HTML Publisher Plugin 1.16 through 1.32, fallback for reports created in HTML Publisher Plugin 1.15 and earlier does not properly sanitize input. This can allow attackers with Item/Configure permissions to implement stored cross-site scripting XSS...

RedHat Linux•added 2024/06/05 2:47 p.m.•3 views

jenkins-2-plugins: Improper input sanitization in HTML Publisher Plugin

RedHat Linux•added 2024/06/05 2:47 p.m.•3 views

jenkins-2-plugins: Improper input sanitization in HTML Publisher Plugin

RedHat Linux•added 2024/06/05 2:46 p.m.•3 views

jenkins-2-plugins: Improper input sanitization in HTML Publisher Plugin