Critical Jenkins Vulnerability Exposes Build Environments to XSS Attacks
First seen 20 Feb 2026, 15:17 UTC
•
•80% similarity
•46.6
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
A critical stored Cross-Site Scripting (XSS) vulnerability has been identified in Jenkins Core, affecting build environments. The vulnerabilities, tracked as CVE-2026-27099 and CVE-2026-27100, were disclosed by the European Commission under the Jenkins Bug Bounty Program. CVE-2026-27099 is classified as high-severity and poses significant security risks to users.
ThreatCluster AI
Timeline
2026-02-18
CVE-2026-27099 published
2026-02-18
CVE-2026-27100 published
2026-02-20
Articles published detailing the vulnerabilities