Jenkins Plugin Vulnerabilities: Script Security RCE, Git Command Injection, CSRF, CVE-2026-57280 to 57287
Security AdvisorySA-CORE-2026-001HighJenkins
Affected:
- Script Security Plugin <= 1402.v94c9ce464861
- Git client Plugin <= 6.6.0
- Pipeline: Groovy Plugin <= 4331.vd056d44658ff
- GitHub Branch Source Plugin <= 1967.1969.v205fd594c821
- Git Parameter Plugin <= 462.vdcf3df2ed2ca_
Fixed in:
- Script Security Plugin >= 1402.vc96e74964250
- Git client Plugin >= 6.6.1
- Pipeline: Groovy Plugin >= 4331.4333.v50a_b_076c5199
- GitHub Branch Source Plugin >= 1967.1970.v8d86979736546
- Git Parameter Plugin >= 462.463.v496a_59f698e5
Referenced CVEs: CVE-2026-57286
文章内图片已隐藏以节省流量 · Upgrade to Pro to view images & offline archive
This content was auto-fetched from www.jenkins.io, cleaned by our LLM pipeline, and translated to English. View original.