Vulnerability in Jenkins Project Loadninja Plugin
CVE-2026-33004
Jenkins LoadNinja Plugin 2.1 and earlier does not mask LoadNinja API keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them.
EPSS: 0.000 (12.7th percentile) — read the EPSS interpretation.
Affected products
- Jenkins Project Loadninja Plugin — versions 0
References
- Jenkins Security Advisory 2026-03-18 (vendor-advisory)