CVE-2026-53440
CVSS Score
4.3
EPSS Score
0.0%
EPSS Percentile
0th
Jenkins 2.567 and earlier, LTS 2.555.2 and earlier does not ensure that the "from" parameter in the "Delegate to servlet container" security realm is safe to redirect to after login, allowing attackers to perform phishing attacks by redirecting users to an attacker-controlled domain.
| Vendor | jenkins project |
| Product | jenkins |
| Ecosystems | |
| Industries | Technology |
| Published | Jun 10, 2026 |
| Last Updated | Jun 10, 2026 |
Stay Ahead of the Next One
Get instant alerts for jenkins project jenkins
Be the first to know when new medium vulnerabilities affecting jenkins project jenkins are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Jenkins Project / Jenkins
All versions affected