๐Ÿ” CVE Alert

CVE-2026-27099

HIGH 8.0
CVSS Score
8.0
EPSS Score
0.0%
EPSS Percentile
0th

Jenkins 2.483 through 2.550 (both inclusive), LTS 2.492.1 through 2.541.1 (both inclusive) does not escape the user-provided description of the "Mark temporarily offline" offline cause, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Agent/Configure or Agent/Disconnect permission.

Vendor jenkins project
Product jenkins
Ecosystems
Industries
Technology
Published Feb 18, 2026
Last Updated Feb 18, 2026
Stay Ahead of the Next One

Get instant alerts for jenkins project jenkins

Be the first to know when new high vulnerabilities affecting jenkins project jenkins are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Jenkins Project / Jenkins
All versions affected

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
jenkins.io: https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3669