category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.8	CVE-2026-57301	CVE-2026-57301_CVE-2026-57301 Jenkins OWASP ZAP Plugin 1.0.7 and earlier performs build operations on the Jenkins controller rather than the assigned agent, allowing attackers w...	Jenkins Project	Jenkins OWASP ZAP Plugin 1.0.7	Jun 24, 2026	CVE
MEDIUM 4.3	CVE-2026-57300	CVE-2026-57300_CVE-2026-57300 A missing permission check in Jenkins MCP Server Plugin 0.177.v629fdb_2557fe and earlier allows attackers with Item/Read permission to read the Pip...	Jenkins Project	Jenkins MCP Server Plugin 0.172.174.v9f72da_90a_710	Jun 24, 2026	CVE
MEDIUM 5.4	CVE-2026-57298	CVE-2026-57298_CVE-2026-57298 A cross-site request forgery (CSRF) vulnerability in Jenkins Contrast Continuous Application Security Plugin 3.11 and earlier allows attackers to h...	Jenkins Project	Jenkins Contrast Continuous Application Security Plugin	Jun 24, 2026	CVE
HIGH 8.8	CVE-2026-57296	CVE-2026-57296_CVE-2026-57296 Jenkins External Workspace Manager Plugin 1.3.2 and earlier does not reject path traversal sequences in the custom workspace path provided to the e...	Jenkins Project	Jenkins External Workspace Manager Plugin 1.3.2	Jun 24, 2026	CVE
MEDIUM 5.4	CVE-2026-57295	CVE-2026-57295_CVE-2026-57295 A cross-site request forgery (CSRF) vulnerability in Jenkins EC2 Fleet Plugin 4.2.3.539.v8fedff2a_81c3 and earlier allows attackers to connect to a...	Jenkins Project	Jenkins EC2 Fleet Plugin	Jun 24, 2026	CVE
MEDIUM 5.4	CVE-2026-57294	CVE-2026-57294_CVE-2026-57294 A missing permission check in Jenkins EC2 Fleet Plugin 4.2.3.539.v8fedff2a_81c3 and earlier allows attackers with Overall/Read permission to connec...	Jenkins Project	Jenkins EC2 Fleet Plugin	Jun 24, 2026	CVE
MEDIUM 4.3	CVE-2026-57293	CVE-2026-57293_CVE-2026-57293 An incorrect permission check in Jenkins Gitee Plugin 1288.v18b_deb_c9069b_ and earlier allows attackers with global Item/Configure permission (whi...	Jenkins Project	Jenkins Gitee Plugin	Jun 24, 2026	CVE
MEDIUM 5.4	CVE-2026-57292	CVE-2026-57292_CVE-2026-57292 A cross-site request forgery (CSRF) vulnerability in Jenkins Gitee Plugin 1288.v18b_deb_c9069b_ and earlier allows attackers to connect to an attac...	Jenkins Project	Jenkins Gitee Plugin	Jun 24, 2026	CVE
MEDIUM 5.4	CVE-2026-57291	CVE-2026-57291_CVE-2026-57291 Missing permission checks in Jenkins Gitee Plugin 1288.v18b_deb_c9069b_ and earlier allow attackers with Overall/Read permission to connect to an a...	Jenkins Project	Jenkins Gitee Plugin	Jun 24, 2026	CVE
MEDIUM 4.3	CVE-2026-57290	CVE-2026-57290_CVE-2026-57290 A cross-site request forgery (CSRF) vulnerability in Jenkins Priority Sorter Plugin 936.v2c01c6b_84449 and earlier allows attackers to overwrite th...	Jenkins Project	Jenkins Priority Sorter Plugin	Jun 24, 2026	CVE