EC2 Fleet Plugin

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2026-57295	Jenkins Project EC2 Fleet Plugin		0.00	—	—		Jun 24, 2026	A cross-site request forgery (CSRF) vulnerability in Jenkins EC2 Fleet Plugin 4.2.3.539.v8fedff2a_81c3 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing AWS credentials stored…
CVE-2026-57294	Jenkins Project EC2 Fleet Plugin		0.00	—	—		Jun 24, 2026	A missing permission check in Jenkins EC2 Fleet Plugin 4.2.3.539.v8fedff2a_81c3 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing AWS credentials…

CVE-2026-57295Jun 24, 2026
Jenkins Project
EC2 Fleet Plugin
risk 0.00cvss —epss —
A cross-site request forgery (CSRF) vulnerability in Jenkins EC2 Fleet Plugin 4.2.3.539.v8fedff2a_81c3 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing AWS credentials stored…
CVE-2026-57294Jun 24, 2026
Jenkins Project
EC2 Fleet Plugin
risk 0.00cvss —epss —
A missing permission check in Jenkins EC2 Fleet Plugin 4.2.3.539.v8fedff2a_81c3 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing AWS credentials…