Vulnerability in Jenkins Project
CVE-2026-33002
Jenkins 2.442 through 2.554 (both inclusive), LTS 2.426.3 through LTS 2.541.2 (both inclusive) performs origin validation of requests made through the CLI WebSocket endpoint by computing the expected origin for comparison using the Host or…
EPSS: 0.001 (22.3th percentile) — read the EPSS interpretation.
Affected products
- Jenkins Project — versions 0, 2.427, 2.555
References
- Jenkins Security Advisory 2026-03-18 (vendor-advisory)