VYPR
Advisory · Published May 31, 2026 · 1 source

Jenkins Security Advisory: 13 CVEs Across 11 Plugins Disclosed May 2026

Jenkins disclosed 13 vulnerabilities across 11 plugins on May 27, 2026, including two High-severity flaws enabling remote code execution and arbitrary file reads.

The Jenkins Project published a security advisory on May 27, 2026 disclosing 13 vulnerabilities across 11 plugins. The batch includes two High-severity CVEs — one in the Credentials Binding Plugin and one in the Email Extension Plugin — alongside a cluster of Medium-severity issues spanning LDAP handling, cross-site request forgery, stored XSS, and missing permission checks. Several of the flaws share common root causes, such as unsafe deserialization from LDAP referrals and improper validation of file paths and URLs.

One of the two High-severity vulnerabilities is CVE-2026-48922 (CVSS 7.5, High) in the Credentials Binding Plugin (versions 720.v3f6decef43ea and earlier). The plugin does not properly sanitize file names for file and zip file credentials, allowing attackers who can supply credentials to a job to write files to arbitrary locations on the node's filesystem. Depending on how Jenkins is configured, this can lead to remote code execution.
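The bug class behind this CVE is an unsanitized file name joined onto a workspace path. The following is an added illustration in Python, not the plugin's code: the vulnerable join beside a hardened resolver that accepts only a single plain path component and then re-checks containment. The workspace path and file names are constructed.

```python
import posixpath


class UnsafeCredentialFileName(ValueError):
    """Raised when a caller-supplied credential file name would escape the workspace."""


def resolve_credential_path_unsafe(workspace: str, requested_name: str) -> str:
    # Vulnerable pattern (illustrative, not the plugin's code): the name supplied
    # with the credential is joined verbatim, so "../" segments or an absolute
    # path resolve to a location outside the workspace on the agent.
    return posixpath.normpath(posixpath.join(workspace, requested_name))


def resolve_credential_path(workspace: str, requested_name: str) -> str:
    """Return the path under ``workspace`` where a bound file credential may be written.

    Hardened form: the name must be a single plain path component (no separators,
    no "." or "..", no NUL byte), and the normalized result is re-checked to lie
    inside the workspace as a second, independent guard.
    """
    name = requested_name
    if name in ("", ".", "..") or any(c in name for c in ("/", "\\", "\x00")):
        raise UnsafeCredentialFileName(f"rejected credential file name {requested_name!r}")
    root = posixpath.normpath(workspace)
    candidate = posixpath.normpath(posixpath.join(root, name))
    if posixpath.commonpath([root, candidate]) != root:
        raise UnsafeCredentialFileName(f"{candidate!r} is outside workspace {root!r}")
    return candidate


if __name__ == "__main__":
    ws = "/var/jenkins/workspace/demo"  # constructed agent workspace path
    print("unsafe  :", resolve_credential_path_unsafe(ws, "../../../../etc/cron.d/evil"))
    print("hardened:", resolve_credential_path(ws, "keystore.p12"))
    try:
        resolve_credential_path(ws, "../../../../etc/cron.d/evil")
    except UnsafeCredentialFileName as exc:
        print("blocked :", exc)
```

Rejecting separators outright, rather than silently stripping them with a basename call, keeps a suspicious request visible in the job log instead of quietly writing a differently named file.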

The other High-severity issue, CVE-2026-48920 (CVSS 8.8), is in the Email Extension Plugin (versions 1933.v45cec755423f and earlier). The plugin inlines images as base64 in email content when an image carries the data-inline attribute, without restricting which image URLs may be inlined. Attackers able to control email content can therefore specify file: URLs for images and read arbitrary files from the Jenkins controller.
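The fix for this kind of inliner is a scheme allow-list applied before any fetch happens. The following is an added Python example, not the plugin's code: it collects data-inline images from an HTML body, shows the unrestricted inliner beside a hardened one, and uses a constructed offline fetcher in place of a real URL fetch. The sample HTML, the resource table, and their contents are all constructed.

```python
import base64
from html.parser import HTMLParser
from typing import Dict, List, Optional
from urllib.parse import urlsplit

# Schemes an email template may pull image bytes from. file:, jar: and other
# controller-local schemes are deliberately absent.
ALLOWED_INLINE_SCHEMES = frozenset({"http", "https"})

# Constructed stand-ins for what an unrestricted fetcher on the controller would
# return; the "file" entry plays the role of a controller-local file.
FAKE_RESOURCES: Dict[str, bytes] = {
    "https://ci.example.test/static/logo.png": b"PNG",
    "file:///etc/passwd": b"root:x:0:0:root:/root:/bin/sh\n",
}


def fake_fetch(url: str) -> bytes:
    """Offline replacement for a URL fetch; raises KeyError for unknown URLs."""
    return FAKE_RESOURCES[url]


class _InlineImageCollector(HTMLParser):
    """Collect the src of every <img> that carries a data-inline attribute."""

    def __init__(self) -> None:
        super().__init__()
        self.urls: List[str] = []

    def handle_starttag(self, tag, attrs):
        if tag != "img":
            return
        attr = dict(attrs)  # HTMLParser lower-cases tag and attribute names
        if "data-inline" in attr and attr.get("src"):
            self.urls.append(attr["src"])


def collect_inline_image_urls(html_body: str) -> List[str]:
    parser = _InlineImageCollector()
    parser.feed(html_body)
    return parser.urls


def inline_images_unsafe(html_body: str, fetch=fake_fetch) -> Dict[str, str]:
    # Vulnerable pattern: every data-inline src is fetched and base64-encoded,
    # so a template author can embed controller-local files in the outgoing mail.
    return {url: base64.b64encode(fetch(url)).decode("ascii")
            for url in collect_inline_image_urls(html_body)}


def inline_images(html_body: str, fetch=fake_fetch,
                  allowed_schemes=ALLOWED_INLINE_SCHEMES) -> Dict[str, Optional[str]]:
    """Hardened form: only allow-listed schemes are fetched; other URLs map to None."""
    result: Dict[str, Optional[str]] = {}
    for url in collect_inline_image_urls(html_body):
        if urlsplit(url).scheme.lower() not in allowed_schemes:
            result[url] = None  # skipped; the <img> is left as a plain reference
            continue
        result[url] = base64.b64encode(fetch(url)).decode("ascii")
    return result


# Constructed email body: one legitimate image and one controller-local file.
SAMPLE_HTML = (
    '<p>Build #42 finished.</p>'
    '<img data-inline src="https://ci.example.test/static/logo.png">'
    '<img data-inline src="file:///etc/passwd">'
)

if __name__ == "__main__":
    print("unsafe  :", inline_images_unsafe(SAMPLE_HTML))
    print("hardened:", inline_images(SAMPLE_HTML))
```

Because the scheme check runs before the fetch, a rejected URL is never opened at all; in a real inliner the fetcher would also want a host allow-list and a size limit, but the scheme gate is what closes the file: read.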

A cluster of four Medium-severity CVEs (all CVSS 6.6) affects the Active Directory Plugin and the LDAP Plugin, both of which follow LDAP referrals by default and deserialize data from those referrals without validation. CVE-2026-48918 and CVE-2026-48919 affect the Active Directory Plugin (versions 2.41 and earlier), while CVE-2026-48916 and CVE-2026-48917 affect the LDAP Plugin (versions 807.v7d7de30930cf and earlier). The advisory notes that an LDAP referral can point to an RMI URL, causing Jenkins to deserialize attacker-controlled data, which may enable server-side request forgery (SSRF) and deserialization attacks.

Three CSRF vulnerabilities were disclosed: CVE-2026-9674 (CVSS 4.3) in the Multijob Plugin allows attackers to resume failed Multijob builds via CSRF, and CVE-2026-48925 (CVSS 4.3) in the GitHub Integration Plugin allows attackers to trigger a build for a pull request via CSRF. Two plugins were found to have missing permission checks: CVE-2026-48926 (CVSS 4.3) in the Job Import Plugin allows attackers with Overall/Read permission to enumerate credentials IDs, and CVE-2026-48923 (CVSS 4.3) in the AppSpider Plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL.

CVE-2026-48927 (CVSS 5.5) in the buildgraph-view Plugin (versions 1.8 and earlier) does not escape the build URL, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to configure jobs or views. CVE-2026-48924 (CVSS 4.3) in the Bitbucket OAuth Plugin (versions 0.17 and earlier) does not restrict the redirect URL after login, allowing attackers to perform phishing attacks via an open redirect.
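The open redirect in the Bitbucket OAuth Plugin is the classic post-login "return to" problem. The following is an added Python example, not the plugin's code, of the validation a login handler should apply to a caller-supplied return URL: it accepts only same-origin, path-only targets and falls back to a fixed landing page for everything else, including the protocol-relative, backslash and triple-slash variants that browsers resolve to another host. All URLs in it are constructed.

```python
from typing import Optional
from urllib.parse import urlsplit, urlunsplit

DEFAULT_LANDING = "/"


def safe_redirect_target(candidate: Optional[str], default: str = DEFAULT_LANDING) -> str:
    """Return ``candidate`` only if it is a same-origin, path-only URL; otherwise ``default``.

    Accepts an absolute path such as "/job/demo/" with optional query and fragment.
    Rejects any scheme (https:, javascript:), protocol-relative "//host", the
    backslash ("/\\host") and triple-slash ("///host") forms browsers treat as a
    host, bare relative paths, and inputs containing whitespace or control bytes.
    """
    if not candidate:
        return default
    url = candidate.strip()
    if any(ord(ch) < 0x20 or ch.isspace() for ch in url):
        return default
    if "\\" in url:  # browsers normalise "\" to "/" in special schemes
        return default
    if not url.startswith("/") or url.startswith("//"):
        return default  # relative path, empty string, or //host and ///host
    parts = urlsplit(url)
    if parts.scheme or parts.netloc:  # defence in depth; cannot occur after the checks above
        return default
    return urlunsplit(("", "", parts.path, parts.query, parts.fragment))


if __name__ == "__main__":
    for sample in ("/job/demo/", "https://evil.example/", "//evil.example/",
                   "///evil.example/", "/\\evil.example/", "javascript:alert(1)"):
        print(f"{sample!r:28} -> {safe_redirect_target(sample)!r}")
```

The rule is an allow-list on shape (must start with exactly one "/"), not a deny-list of known bad prefixes; that is what keeps the triple-slash and backslash cases from slipping through a parser that treats them as plain paths.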

The Jenkins Project has released updated versions of all affected plugins. Users are advised to update to the latest versions of each plugin as specified in the Jenkins Security Advisory 2026-05-27. For plugins where no fix is yet available, the advisory recommends disabling the plugin or restricting permissions to mitigate risk.
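A practical first step is to check an instance's installed plugin versions against the "and earlier" thresholds above. The following is an added Python example, not part of the advisory: it parses a plugin list shaped like the output of Jenkins' `/pluginManager/api/json?tree=plugins[shortName,version,enabled]` endpoint and reports every plugin at or below the last affected version. The version thresholds and CVE numbers come from the summary above; the plugin short names (`credentials-binding`, `email-ext`, `active-directory`, `ldap`, `buildgraph-view`, `bitbucket-oauth`) are assumed from the Jenkins update site and should be verified, and the sample plugin list (including the hash suffix `v12a1b2c3d4e5`) is constructed. Plugins for which the summary states no version are omitted. The version ordering is a simplified one, not Jenkins' own `VersionNumber` class.

```python
import json
import re
from typing import Dict, List, Tuple

# Last affected version per plugin as stated in the summary ("... and earlier").
# Short names are assumed from the Jenkins update site; verify them locally.
ADVISORY_2026_05_27: Dict[str, Tuple[str, str]] = {
    "credentials-binding": ("720.v3f6decef43ea", "CVE-2026-48922"),
    "email-ext":           ("1933.v45cec755423f", "CVE-2026-48920"),
    "active-directory":    ("2.41", "CVE-2026-48918 / CVE-2026-48919"),
    "ldap":                ("807.v7d7de30930cf", "CVE-2026-48916 / CVE-2026-48917"),
    "buildgraph-view":     ("1.8", "CVE-2026-48927"),
    "bitbucket-oauth":     ("0.17", "CVE-2026-48924"),
}

_PRERELEASE = {"alpha", "beta", "rc", "snapshot", "milestone"}
_HASH = re.compile(r"^v[0-9a-f]{6,}$")  # the ".vHASH" suffix of newer plugin versions


def version_key(version: str) -> tuple:
    """Simplified ordering key for plugin versions (not Jenkins' VersionNumber).

    Numeric components compare as integers, "vHASH" suffixes are ignored, trailing
    ".0" components are dropped, and a pre-release word sorts below its release.
    """
    release_nums: List[int] = []
    pre_nums: List[int] = []
    prerelease = False
    for tok in re.split(r"[.\-_]", version.strip()):
        if not tok or _HASH.match(tok):
            continue
        if tok.isdigit():
            (pre_nums if prerelease else release_nums).append(int(tok))
        elif tok.lower() in _PRERELEASE:
            prerelease = True
        # any other word (e.g. "final") is ignored
    while len(release_nums) > 1 and release_nums[-1] == 0:
        release_nums.pop()
    return tuple(release_nums) + (0 if prerelease else 1,) + tuple(pre_nums)


def is_affected(installed: str, last_affected: str) -> bool:
    """True when the installed version is at or below the last affected version."""
    return version_key(installed) <= version_key(last_affected)


def audit_plugins(plugin_list_json: str, advisory=ADVISORY_2026_05_27) -> List[dict]:
    """Return one finding per installed plugin that is at or below its last affected version."""
    findings = []
    for plugin in json.loads(plugin_list_json)["plugins"]:
        short = plugin.get("shortName")
        if short not in advisory:
            continue
        last_affected, cves = advisory[short]
        if is_affected(plugin["version"], last_affected):
            findings.append({
                "plugin": short,
                "installed": plugin["version"],
                "last_affected": last_affected,
                "cves": cves,
                "enabled": plugin.get("enabled", True),
            })
    return findings


# Constructed sample shaped like /pluginManager/api/json?tree=plugins[shortName,version,enabled]
SAMPLE_PLUGIN_LIST = json.dumps({"plugins": [
    {"shortName": "credentials-binding", "version": "720.v3f6decef43ea", "enabled": True},
    {"shortName": "email-ext", "version": "1934.v12a1b2c3d4e5", "enabled": True},
    {"shortName": "ldap", "version": "807.v7d7de30930cf", "enabled": False},
    {"shortName": "active-directory", "version": "2.42", "enabled": True},
    {"shortName": "bitbucket-oauth", "version": "0.17", "enabled": True},
    {"shortName": "git", "version": "5.2.1", "enabled": True},
]})

if __name__ == "__main__":
    for f in audit_plugins(SAMPLE_PLUGIN_LIST):
        state = "enabled" if f["enabled"] else "disabled"
        print(f'{f["plugin"]} {f["installed"]} ({state}) <= {f["last_affected"]}: {f["cves"]}')
```

Disabled plugins are reported too: a disabled plugin is still on disk and can be re-enabled, so it belongs on the update list. On a real controller the input would be fetched with an API token (for example `curl -u USER:TOKEN 'https://JENKINS_URL/pluginManager/api/json?tree=plugins[shortName,version,enabled]'`) and piped into `audit_plugins`; a version the key function cannot order confidently (same leading number, different hash) compares equal and is therefore reported, which errs on the side of a manual check.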

This disclosure is notable for its breadth — 13 CVEs across 11 different plugins in a single advisory — and for the severity of the Credentials Binding Plugin flaw, which can lead to remote code execution. The LDAP referral issues are particularly concerning for organizations using Active Directory or LDAP authentication with Jenkins, as they combine two dangerous behaviors (following referrals by default and deserializing without validation) that could be chained by an attacker who compromises or controls the LDAP server.

Synthesized by Vypr AI