CVE-2026-57281
CVSS Score
7.5
EPSS Score
0.0%
EPSS Percentile
0th
Jenkins Script Security Plugin 1402.v94c9ce464861 and earlier does not reject Groovy AST transformation annotations carrying an extensions member, allowing attackers able to run sandboxed Groovy scripts to execute code outside the sandbox if a suitable script is present on the classpath of the component that evaluates the script.
| Vendor | jenkins project |
| Product | jenkins script security plugin |
| Published | Jun 24, 2026 |
| Last Updated | Jun 24, 2026 |
Stay Ahead of the Next One
Get instant alerts for jenkins project jenkins script security plugin
Be the first to know when new high vulnerabilities affecting jenkins project jenkins script security plugin are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Jenkins Project / Jenkins Script Security Plugin
0 โค 1402.v94c9ce464861