VYPR
Medium severity4.3NVD Advisory· Published Apr 29, 2026· Updated May 6, 2026

CVE-2026-42519

CVE-2026-42519

Description

A missing permission check in Jenkins Script Security Plugin 1399.ve6a_66547f6e1 and earlier allows attackers with Overall/Read permission to enumerate pending and approved Script Security classpaths.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.jenkins-ci.plugins:script-securityMaven
< 1402.v94c9ce4648611402.v94c9ce464861

Affected products

11

Patches

Vulnerability mechanics

References

3

News mentions

1