CVE-2026-53441

Jenkins 2.483 through 2.567 both inclusive, LTS 2.492.1 through 2.555.2 both inclusive does not escape the user-provided description of a generic offline cause that could be set through the POST config.xml API, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers...

CVE-2017-12736

After initial configuration, the Ruggedcom Discovery Protocol RCDP is still able to write to the device under certain conditions. This could allow an attacker located in the adjacent network of the targeted device to perform unauthorized administrative actions...