Critical Jenkins Vulnerability Exposes Build Environments to XSS Attacks

Critical Jenkins Vulnerability Exposes Build Environments to XSS Attacks

First seen 20 Feb 2026, 15:17 UTC CybersecuritynewsGbhackers 80% similarity 46.6

Article Content

Browse articles
ThreatCluster

A critical stored Cross-Site Scripting (XSS) vulnerability has been identified in Jenkins Core, affecting build environments. The vulnerabilities, tracked as CVE-2026-27099 and CVE-2026-27100, were disclosed by the European Commission under the Jenkins Bug Bounty Program. CVE-2026-27099 is classified as high-severity and poses significant security risks to users.

ThreatCluster AI

Timeline

2026-02-18
CVE-2026-27099 published
2026-02-18
CVE-2026-27100 published
2026-02-20
Articles published detailing the vulnerabilities

Community

Browse all →