CVE-2026-42519

MEDIUM 4.3

CVSS Score

4.3

EPSS Score

0.0%

EPSS Percentile

0th

A missing permission check in Jenkins Script Security Plugin 1399.ve6a_66547f6e1 and earlier allows attackers with Overall/Read permission to enumerate pending and approved Script Security classpaths.

Vendor	jenkins project
Product	jenkins script security plugin
Published	Apr 29, 2026
Last Updated	Apr 29, 2026

Stay Ahead of the Next One

Get instant alerts for jenkins project jenkins script security plugin

Be the first to know when new medium vulnerabilities affecting jenkins project jenkins script security plugin are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Jenkins Project / Jenkins Script Security Plugin

0 ≤ 1399.ve6a_66547f6e1

References

NVD ↗ CVE.org ↗ EPSS Data ↗

jenkins.io: https://www.jenkins.io/security/advisory/2026-04-29/#SECURITY-3662