Known Vulnerabilities for Jenkins-server-mcp by Hekmon8
Listed below are 5 of the newest known vulnerabilities associated with "Jenkins-server-mcp" by "Hekmon8".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-57303 json | Jenkins Assembla Plugin 1.4 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks, allow... | Not Provided | 2026-06-24 | 2026-06-24 |
| CVE-2026-57300 json | A missing permission check in Jenkins MCP Server Plugin 0.177.v629fdb_2557fe and earlier allows attackers with Item/Read perm... | Not Provided | 2026-06-24 | 2026-06-24 |
| CVE-2026-57289 json | Jenkins Bitbucket Push and Pull Request Plugin 3.3.8 and earlier unconditionally disables SSL/TLS certificate and hostname va... | Not Provided | 2026-06-24 | 2026-06-24 |
| CVE-2026-14336 json | PIA's OIDC issuer allowlist for Jenkins tokens uses a bare string-prefix check (issuer.startswith(' https://ci.eclipse.org ')... | Not Provided | 2026-07-02 | 2026-07-02 |
| CVE-2026-10276 json | A vulnerability has been found in hekmon8 Jenkins-server-mcp 0.1.0. This vulnerability affects the function jobPath of the fi... | Not Provided | 2026-06-01 | 2026-06-01 |