Vulnerability in Jenkins Project Contrast Continuous Application Security Plugin
CVE-2026-57299
Missing permission checks in Jenkins Contrast Continuous Application Security Plugin 3.11 and earlier allow attackers with Overall/Read permission to enumerate the names of configured Contrast metadata.
Affected products
References
- jenkinsci-cert@googlegroups.com (vendor-advisory)