Jenkins Security Advisory: Multiple Plugin Vulnerabilities including RCE, XSS, and Deserialization (CVE-2026-42519 to 42525)
Security AdvisoryHighJenkins
Affected:
- Credentials Binding Plugin 719.v80e905ef14eb_ and earlier
- GitHub Plugin 1.46.0 and earlier
- GitHub Branch Source Plugin 1967.vdea_d580c1a_b_a_ and earlier
- HTML Publisher Plugin 427 and earlier
- Matrix Authorization Strategy Plugin 3.2.9 and earlier
Fixed in:
- Credentials Binding Plugin 720.v3f6dcef43ea_
- GitHub Plugin 1.46.0.1
- GitHub Branch Source Plugin 1967.1969.v205fd594c821
- HTML Publisher Plugin 427.1
- Matrix Authorization Strategy Plugin 3.2.10
Referenced CVEs: CVE-2026-42524
文章内图片已隐藏以节省流量 · Upgrade to Pro to view images & offline archive
This content was auto-fetched from www.jenkins.io, cleaned by our LLM pipeline, and translated to English. View original.