org.jenkins-ci.main:jenkins-core vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-53441Highorg.jenkins-ci.main:jenkins-core: Jenkins: Stored XSS vulnerability in node offline cause description CVE-2026-33002Highorg.jenkins-ci.main:jenkins-core: Jenkins has a DNS rebinding vulnerability in WebSocket CLI origin validationCVE-2026-33001Highorg.jenkins-ci.main:jenkins-core: Jenkins has a link following vulnerability allows arbitrary file creationCVE-2026-27100Mediumorg.jenkins-ci.main:jenkins-core: Jenkins has a build information disclosure vulnerability through Run Parameter CVE-2026-27099Highorg.jenkins-ci.main:jenkins-core: Jenkins has a stored XSS vulnerability in node offline cause descriptionCVE-2025-67638Mediumorg.jenkins-ci.main:jenkins-core: Jenkins's build authorization token is stored and displayed in plain textCVE-2025-67635Highorg.jenkins-ci.main:jenkins-core: Jenkins has a Denial of service vulnerability in HTTP-based CLICVE-2025-67637Mediumorg.jenkins-ci.main:jenkins-core: Jenkins's build authorization token is stored and displayed in plain textCVE-2025-67636Mediumorg.jenkins-ci.main:jenkins-core: Jenkins is missing a permission check on password fieldsCVE-2025-67639Loworg.jenkins-ci.main:jenkins-core: Jenkins has a CSRF vulnerability on the login formCVE-2025-59475Mediumorg.jenkins-ci.main:jenkins-core: Jenkins is missing a permission check in the authenticated users' profile menu CVE-2025-59476Mediumorg.jenkins-ci.main:jenkins-core: Jenkins has a log message injection vulnerabilityCVE-2025-59474Mediumorg.jenkins-ci.main:jenkins-core: Jenkins has a missing permission check, allowing users to obtain agent namesCVE-2025-31721Mediumorg.jenkins-ci.main:jenkins-core: Jenkins Missing Permission CheckCVE-2025-31720Mediumorg.jenkins-ci.main:jenkins-core: Jenkins Missing Permission CheckCVE-2025-27625Mediumorg.jenkins-ci.main:jenkins-core: Jenkins Open Redirect vulnerability CVE-2025-27624Mediumorg.jenkins-ci.main:jenkins-core: Jenkins cross-site request forgery (CSRF) vulnerabilityCVE-2025-27623Mediumorg.jenkins-ci.main:jenkins-core: Jenkins reveals encrypted values of secrets stored in agent configuration to users with…CVE-2025-27622Mediumorg.jenkins-ci.main:jenkins-core: Jenkins reveals encrypted values of secrets stored in agent configuration to users with…CVE-2024-47803Mediumorg.jenkins-ci.main:jenkins-core: Jenkins exposes multi-line secrets through error messagesCVE-2024-47804Mediumorg.jenkins-ci.main:jenkins-core: Jenkins item creation restriction bypass vulnerabilityCVE-2024-43045Mediumorg.jenkins-ci.main:jenkins-core: Jenkins does not perform a permission check in an HTTP endpointCVE-2024-43044Highorg.jenkins-ci.main:remoting: Jenkins Remoting library arbitrary file read vulnerabilityCVE-2024-23898Highorg.jenkins-ci.main:jenkins-core: Cross-site WebSocket hijacking vulnerability in the Jenkins CLICVE-2024-23897Criticalorg.jenkins-ci.main:jenkins-core: Arbitrary file read vulnerability through the Jenkins CLI can lead to RCE

Stop the waste.
Protect your environment with Kodem.