CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

222940 matches found

EUVD•added 2026/05/27 2:14 p.m.•13 views

EUVD-2026-32519

A cross-site request forgery CSRF vulnerability in Jenkins Multijob Plugin 662.vd2e0001f6bbd and earlier allows attackers to resume failed Multijob builds...

4.3CVSS5.7AI score0.00024EPSS

Exploits0References1

ATTACKERKB•added 2026/05/27 2:14 p.m.•10 views

CVE-2026-9674

A cross-site request forgery CSRF vulnerability in Jenkins Multijob Plugin 662.vd2e0001f6bbd and earlier allows attackers to resume failed Multijob builds...

4.3CVSS5.7AI score0.00024EPSS

Exploits0References2

Cvelist•added 2026/05/27 2:14 p.m.•37 views

CVE-2026-9674

A cross-site request forgery CSRF vulnerability in Jenkins Multijob Plugin 662.vd2e0001f6bbd and earlier allows attackers to resume failed Multijob builds...

0.00024EPSS

Exploits0References1

Vulnrichment•added 2026/05/27 2:14 p.m.•12 views

CVE-2026-9674

A cross-site request forgery CSRF vulnerability in Jenkins Multijob Plugin 662.vd2e0001f6bbd and earlier allows attackers to resume failed Multijob builds...

5.7AI score0.00024EPSS

Exploits0References1

AlpineLinux•added 2026/05/27 2:14 p.m.•12 views

CVE-2026-9674

A cross-site request forgery CSRF vulnerability in Jenkins Multijob Plugin 662.vd2e0001f6bbd and earlier allows attackers to resume failed Multijob builds...

4.3CVSS5.7AI score0.00024EPSS

Exploits0References1

Vulnrichment•added 2026/05/27 2:13 p.m.•7 views

CVE-2026-48927

Jenkins buildgraph-view Plugin 1.8 and earlier does not escape the build URL, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure jobs or views...

5.6AI score0.00028EPSS

Exploits0References1

Cvelist•added 2026/05/27 2:13 p.m.•40 views

CVE-2026-48927

Jenkins buildgraph-view Plugin 1.8 and earlier does not escape the build URL, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure jobs or views...

0.00028EPSS

Exploits0References1

Cvelist•added 2026/05/27 2:13 p.m.•37 views

CVE-2026-48926

Jenkins Job Import Plugin 143.v044a2e819b27 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

0.0011EPSS

Exploits0References1

Vulnrichment•added 2026/05/27 2:13 p.m.•11 views

CVE-2026-48926

5.8AI score0.0011EPSS

Exploits0References1

EUVD•added 2026/05/27 2:13 p.m.•13 views

EUVD-2026-32517

4.3CVSS5.8AI score0.0011EPSS

Exploits0References1

CVE•added 2026/05/27 2:13 p.m.•13 views

CVE-2026-48926

The CVE-2026-48926 entry concerns Jenkins Job Import Plugin (versions 143.v044a_2e819b_27 and earlier) where an HTTP endpoint does not enforce a permission check. The flaw enables users with Overall/Read access to enumerate credentials IDs stored in Jenkins, indicating an authorization issue with...

4.3CVSS5.8AI score0.0011EPSS

Exploits0References1Affected Software1

Cvelist•added 2026/05/27 2:13 p.m.•38 views

CVE-2026-48925

A cross-site request forgery CSRF vulnerability in Jenkins GitHub Integration Plugin 0.7.3 and earlier allows attackers to attackers to trigger a build for a pull request...

0.00017EPSS

Exploits0References1

EUVD•added 2026/05/27 2:13 p.m.•11 views

EUVD-2026-32516

A cross-site request forgery CSRF vulnerability in Jenkins GitHub Integration Plugin 0.7.3 and earlier allows attackers to attackers to trigger a build for a pull request...

4.3CVSS5.7AI score0.00017EPSS

Exploits0References1

Cvelist•added 2026/05/27 2:13 p.m.•40 views

CVE-2026-48924

Jenkins Bitbucket OAuth Plugin 0.17 and earlier does not restrict the redirect URL after login, allowing attackers to perform phishing attacks...

0.00033EPSS

Exploits0References1

Vulnrichment•added 2026/05/27 2:13 p.m.•8 views

CVE-2026-48924

Jenkins Bitbucket OAuth Plugin 0.17 and earlier does not restrict the redirect URL after login, allowing attackers to perform phishing attacks...

5.8AI score0.00033EPSS

Exploits0References1

CVE•added 2026/05/27 2:13 p.m.•12 views

CVE-2026-48924

The CVE-2026-48924 entry concerns Jenkins Bitbucket OAuth Plugin affected in versions 0.17 and earlier. The root cause is insufficient validation of the redirect URL after login, which enables phishing attacks by deceiving users during OAuth flow. The impact is phishing risk; no exploitation deta...

4.3CVSS5.8AI score0.00033EPSS

Exploits0References1Affected Software1

EUVD•added 2026/05/27 2:13 p.m.•8 views

EUVD-2026-32515

Jenkins Bitbucket OAuth Plugin 0.17 and earlier does not restrict the redirect URL after login, allowing attackers to perform phishing attacks...

4.3CVSS5.8AI score0.00033EPSS

Exploits0References1

CVE•added 2026/05/27 2:13 p.m.•16 views

CVE-2026-48925

CVE-2026-48925 is a CSRF vulnerability in the Jenkins GitHub Integration Plugin, affected

4.3CVSS5.7AI score0.00017EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2026/05/27 2:13 p.m.•7 views

CVE-2026-48925

A cross-site request forgery CSRF vulnerability in Jenkins GitHub Integration Plugin 0.7.3 and earlier allows attackers to attackers to trigger a build for a pull request...

5.7AI score0.00017EPSS

Exploits0References1

Vulnrichment•added 2026/05/27 2:13 p.m.•8 views

CVE-2026-48923

Jenkins AppSpider Plugin 1.0.17 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to connect to an attacker-specified URL...

5.8AI score0.00021EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by