CVE-2025-24399
CVE-2025-24399 affects the Jenkins OpenId Connect Authentication Plugin. The vulnerability arises because the plugin versions 4.452.v2849b_d3945fa_ and earlier (except 4.438.440.v3f5f201de5dc) treat usernames as case-insensitive, which on a Jenkins instance with a case-sensitive OpenID Connect pr...