Known Vulnerabilities for Configuration As Code by Jenkins
Listed below are 9 of the newest known vulnerabilities associated with "Configuration As Code" by "Jenkins".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-56447 json | MISP allowed an authenticated site administrator to set the Kafka_rdkafka_config setting to an arbitrary filesystem path. MIS... | Not Provided | 2026-06-22 | 2026-06-22 |
| CVE-2026-56208 json | A heap buffer overflow vulnerability was found in libaom, the reference AV1 codec implementation. A flaw in the AV1 encoder's... | Not Provided | 2026-06-19 | 2026-06-22 |
| CVE-2026-55742 json | Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable to Cross-Site Request Forgery in the administration rights handl... | Not Provided | 2026-06-18 | 2026-06-18 |
| CVE-2026-54414 json | FileRise before 3.16.0 is vulnerable to path traversal in the shared-folder upload endpoint (/api/folder/uploadToSharedFolder... | Not Provided | 2026-06-19 | 2026-06-22 |
| CVE-2026-53915 json | In JetBrains GoLand before 2026.1.3 remote code execution was possible via untrusted project configuration | Not Provided | 2026-06-19 | 2026-06-22 |
| CVE-2026-50632 json | A further incomplete fix for a previous advisory CVE-2026-44417 (Untrusted JMS configuration can lead to RCE) for Apache CX... | Not Provided | 2026-06-12 | 2026-06-12 |
| CVE-2026-49959 json | Hermes WebUI before version 0.51.311 contains a remote code execution vulnerability that allows authenticated attackers to ex... | Not Provided | 2026-06-09 | 2026-06-09 |
| CVE-2026-49954 json | Discuz! X5.0 releases 20260320 through 20260610 contain a local file inclusion vulnerability that allows authenticated admini... | Not Provided | 2026-06-15 | 2026-06-16 |
| CVE-2026-49345 json | Mercator is an open source web application that enables mapping of the information system. Prior to version 2025.05.19, a Ser... | Not Provided | 2026-06-19 | 2026-06-22 |
| CVE-2026-49290 json | Slopsmith is a self-contained web application for browsing, playing, and practicing Rocksmith 2014 Custom DLC (CDLC). Prior t... | Not Provided | 2026-06-19 | 2026-06-22 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Jenkins | Configuration As Code | 1.9 | |||
| Application | Jenkins | Configuration As Code | 1.8 | |||
| Application | Jenkins | Configuration As Code | 1.7 | |||
| Application | Jenkins | Configuration As Code | 1.6 | |||
| Application | Jenkins | Configuration As Code | 1.5 | |||
| Application | Jenkins | Configuration As Code | 1.4 | |||
| Application | Jenkins | Configuration As Code | 1.3 | |||
| Application | Jenkins | Configuration As Code | 1.27 | |||
| Application | Jenkins | Configuration As Code | 1.26 | |||
| Application | Jenkins | Configuration As Code | 1.25 | |||
| Application | Jenkins | Configuration As Code | 1.24 | |||
| Application | Jenkins | Configuration As Code | 1.23.1 | |||
| Application | Jenkins | Configuration As Code | 1.23 | |||
| Application | Jenkins | Configuration As Code | 1.22 | |||
| Application | Jenkins | Configuration As Code | 1.21 | |||
| Application | Jenkins | Configuration As Code | 1.20 | |||
| Application | Jenkins | Configuration As Code | 1.2 | |||
| Application | Jenkins | Configuration As Code | 1.19 | |||
| Application | Jenkins | Configuration As Code | 1.18 | |||
| Application | Jenkins | Configuration As Code | 1.17 |