CVE-2026-48927

MEDIUM 5.5

CVSS Score

5.5

EPSS Score

0.0%

EPSS Percentile

0th

Jenkins buildgraph-view Plugin 1.8 and earlier does not escape the build URL, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to configure jobs or views.

Vendor	jenkins project
Product	jenkins buildgraph-view plugin
Published	May 27, 2026
Last Updated	May 27, 2026

Stay Ahead of the Next One

Get instant alerts for jenkins project jenkins buildgraph-view plugin

Be the first to know when new medium vulnerabilities affecting jenkins project jenkins buildgraph-view plugin are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Jenkins Project / Jenkins buildgraph-view Plugin

0 ≤ 1.8

References

NVD ↗ CVE.org ↗ EPSS Data ↗

jenkins.io: https://www.jenkins.io/security/advisory/2026-05-27/#SECURITY-3486