Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

BDU FSTEC
BDU FSTECadded 2025/04/07 12:0 a.m.1 views

The vulnerability of the Stack Hammer plugin on the Jenkins automation server, related to deficiencies in access control, allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the Stack Hammer plugin in the Jenkins automation server is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

6.5CVSS5.5AI score0.00099EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVEadded 2025/04/04 3:39 p.m.18 views

CVE-2025-31726

Jenkins Stack Hammer Plugin 1.0.6 and earlier stores Stack Hammer API keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

5.5CVSS7AI score0.00099EPSS
Exploits0References1
Github Security Blog
Github Security Blogadded 2025/04/02 3:31 p.m.29 views

Jenkins Stack Hammer Plugin Stores API Keys Unencrypted in Job `config.xml` Files

Jenkins Stack Hammer Plugin 1.0.6 and earlier stores Stack Hammer API keys unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These API keys can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. As of...

5.5CVSS6.9AI score0.00099EPSS
Exploits0References3Affected Software1
NVD
NVDadded 2025/04/02 3:16 p.m.14 views

CVE-2025-31726

Jenkins Stack Hammer Plugin 1.0.6 and earlier stores Stack Hammer API keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

5.5CVSS0.00099EPSS
Exploits0References1
OSV
OSVadded 2025/04/02 3:16 p.m.1 views

CVE-2025-31726

Jenkins Stack Hammer Plugin 1.0.6 and earlier stores Stack Hammer API keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

5.5CVSS5.8AI score
Exploits0References1
CVE
CVEadded 2025/04/02 2:59 p.m.66 views

CVE-2025-31726

CVE-2025-31726 affects Jenkins Stack Hammer Plugin versions 1.0.6 and earlier. The root cause is unencrypted storage of Stack Hammer API keys inside job config.xml files on the Jenkins controller, enabling disclosure to users with Extended Read permission or anyone with access to the controller f...

5.5CVSS7AI score0.00099EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2025/04/02 2:59 p.m.9 views

CVE-2025-31726

Jenkins Stack Hammer Plugin 1.0.6 and earlier stores Stack Hammer API keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

7AI score0.00099EPSS
Exploits0References1
Rows per page
Query Builder