VYPR
Advisory · Published Jun 24, 2026 · 1 source

Jenkins Security Advisory Fixes 18 Plugin Vulnerabilities, Including Sandbox Bypass and Code Execution Flaws

Jenkins released a security advisory on June 24, 2026, patching 18 plugins for vulnerabilities ranging from sandbox bypass and arbitrary code execution to CSRF and information disclosure.

Jenkins published a security advisory on June 24, 2026, addressing vulnerabilities in 18 plugins, including Active Directory, Git client, Pipeline: Groovy, and Script Security. The advisory details multiple CVEs with varying severity, covering issues such as stored XSS, CSRF, and arbitrary code execution. Users are urged to update affected plugins to the latest versions to mitigate risks.

The most serious flaws are in the Script Security Plugin, whose sandbox is what lets users without administrator rights run Groovy scripts, including Pipelines, without each script going through Script Approval. Two high-severity sandbox bypasses were disclosed: CVE-2026-57280 and CVE-2026-57281. The first lets an attacker who can submit a sandboxed script escape the sandbox through an implicit type cast in typed for loops, giving arbitrary code execution on the Jenkins controller. The second stems from the sandbox not rejecting Groovy AST transformation annotations such as @CompileStatic when they carry an extensions member; if a suitable Groovy script is on the classpath, this can run code outside the sandbox. Both are fixed in Script Security Plugin 1402.1405.vc96e74964250.

A medium-severity OS command injection vulnerability (CVE-2026-57282) affects Git client Plugin 6.6.0 and earlier. When the "Manually provided keys" Git Host Key Verification strategy is used on Unix agents, the plugin generates an SSH wrapper script and embeds the workspace directory name in it without escaping. Because that wrapper is what git runs for SSH transport, an attacker who can influence the build's working directory name (workspace paths are derived from job and branch names) can inject shell command substitution and execute arbitrary commands on the agent. Git client Plugin 6.6.1 resolves this by storing the known_hosts file in the system temporary directory, so the attacker-influenced path no longer reaches the script at all.
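To make the bug class behind CVE-2026-57282 concrete, here is an added example in Python that is not the Git client plugin's code and is not taken from the advisory: a generated sh wrapper that splices a known_hosts path into its command line, first unquoted (the vulnerable pattern), then quoted with shlex.quote, then with the file placed under the system temp dir as the advisory says 6.6.1 does. The wrapper layout, the SSH_BINARY override used to substitute echo for ssh, the .ssh/known_hosts location inside the workspace and the two sample workspace names are all assumptions made for this demo.

```python
"""Illustration of the bug class behind CVE-2026-57282: an attacker-influenced
workspace directory name interpolated into a generated sh wrapper.

Added example, not the Git client plugin's code. The wrapper layout, the
SSH_BINARY override and the sample paths are assumptions made for the demo."""
import os
import shlex
import subprocess
import tempfile

# Constructed inputs. The substitution in the second one is deliberately
# harmless; a real attacker would run something other than echo.
BENIGN_WORKSPACE = "/var/jenkins/workspace/job-1"
MALICIOUS_WORKSPACE = "/var/jenkins/workspace/job-$(echo PWNED)"

# SSH_BINARY lets the demo swap the real ssh for echo so the argv the wrapper
# hands to ssh can be inspected; a real wrapper would hard-code ssh.
WRAPPER = (
    '#!/bin/sh\n'
    '"${{SSH_BINARY:-ssh}}" -o StrictHostKeyChecking=yes -o {opt} "$@"\n'
)


def build_wrapper_unsafe(workspace):
    """Vulnerable pattern: the path is spliced in verbatim, so $(...), backticks
    and spaces in the directory name are interpreted by sh when git runs it."""
    known_hosts = os.path.join(workspace, ".ssh", "known_hosts")  # assumed location
    return WRAPPER.format(opt=f"UserKnownHostsFile={known_hosts}")


def build_wrapper_quoted(workspace):
    """Hardened by quoting: shlex.quote wraps the whole option in single quotes
    whenever it contains anything the shell would interpret."""
    known_hosts = os.path.join(workspace, ".ssh", "known_hosts")
    return WRAPPER.format(opt=shlex.quote(f"UserKnownHostsFile={known_hosts}"))


def build_wrapper_tempdir(_workspace):
    """Hardened the way the advisory describes for 6.6.1: the known_hosts file
    lives under the system temp dir, so the attacker-influenced workspace name
    never reaches the script (the path is still quoted, defensively)."""
    known_hosts = os.path.join(tempfile.gettempdir(), "jenkins-known_hosts")
    return WRAPPER.format(opt=shlex.quote(f"UserKnownHostsFile={known_hosts}"))


def run_wrapper(script, host="git@example.invalid"):
    """Run the generated wrapper under sh with ssh replaced by echo and return
    the single line of arguments ssh would have received."""
    env = dict(os.environ, SSH_BINARY="echo")
    proc = subprocess.run(
        ["sh", "-c", script, "git-ssh-wrapper", host],
        env=env, capture_output=True, text=True, check=True,
    )
    return proc.stdout.strip()


if __name__ == "__main__":
    for name, builder in [("unsafe", build_wrapper_unsafe),
                          ("quoted", build_wrapper_quoted),
                          ("tempdir", build_wrapper_tempdir)]:
        print(f"{name:8s} {run_wrapper(builder(MALICIOUS_WORKSPACE))}")
```

Running it shows the unsafe wrapper handing ssh a path containing `job-PWNED`, i.e. the substitution already ran inside the agent's shell, while the quoted wrapper passes `$(echo PWNED)` through as literal characters and the temp-dir variant contains no trace of the workspace name. Quoting closes the injection; moving the file out of attacker-influenced territory, as the advisory describes, removes the dependency on getting the quoting right.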

The Pipeline: Groovy Plugin (workflow-cps) had two medium-severity issues: a CSRF vulnerability (CVE-2026-57283) and unrestricted instantiation of types (CVE-2026-57284). In versions 4331.v9d06ed4658ff and earlier, the Pipeline Snippet Generator endpoint instantiates any type carrying a @DataBoundConstructor annotation, not only Pipeline steps, and it accepts GET requests. Jenkins' crumb-based CSRF protection applies only to POST, so a GET endpoint with side effects can be triggered by a link or image an attacker gets a logged-in victim to load. Together these can be used to create script approval requests attributed to another user, which aids social engineering: an approver is more likely to trust a request that appears to come from a colleague. The fix in version 4331.4333.v50a_b_076c5199 restricts instantiation to Pipeline steps and requires POST requests.

A missing permission check in the GitHub Branch Source Plugin (CVE-2026-57285) allows attackers with Overall/Read permission to enumerate GitHub Enterprise server URLs configured by administrators. The vulnerability affects versions 1967.1969.v205fd594c821 and earlier, and is fixed in version 1967.1970.vd86979736546, which requires Overall/Manage or Item/Extended Read permission.

Other affected plugins include Active Directory, Assembla, Bitbucket Push and Pull Request, Contrast Continuous Application Security, EC2 Fleet, External Workspace Manager, FitNesse, Git Parameter, Gitee, Job Configuration History, MCP Server, OWASP ZAP, Priority Sorter, and Zowe zDevOps. Users are strongly advised to update all affected plugins to their latest versions to protect against these vulnerabilities.
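A practitioner's first check is whether the installed versions are below the fixed ones. The following added Python example (not from the advisory and not Jenkins code) parses a plugin inventory in the shape of the Jenkins `/pluginManager/api/json?depth=1` response and compares each plugin against the fixed versions the advisory names for the four plugins discussed above. The plugin short names script-security, git-client, workflow-cps and github-branch-source, the numeric-prefix version comparison and the fetch helper are assumptions of this example, and the embedded inventory is a constructed sample, not output from any real server.

```python
"""Compare installed Jenkins plugin versions against the fixed versions named
in the advisory. Added example, not Jenkins or advisory code.

The inventory is a JSON document in the shape of
/pluginManager/api/json?depth=1; the constructed sample below stands in for a
live response."""
import base64
import json
import urllib.request

# Fixed versions from the advisory text, keyed by plugin short name (artifact
# ID). The short names are an assumption of this example.
FIXED_VERSIONS = {
    "script-security": "1402.1405.vc96e74964250",       # CVE-2026-57280, -57281
    "git-client": "6.6.1",                              # CVE-2026-57282
    "workflow-cps": "4331.4333.v50a_b_076c5199",        # CVE-2026-57283, -57284
    "github-branch-source": "1967.1970.vd86979736546",  # CVE-2026-57285
}

# Constructed sample inventory; the version strings are made up except where
# they repeat an affected or fixed version quoted in the advisory.
SAMPLE_INVENTORY = json.dumps({"plugins": [
    {"shortName": "script-security", "version": "1400.v7fd111b_ec82f", "enabled": True},
    {"shortName": "git-client", "version": "6.6.0", "enabled": True},
    {"shortName": "workflow-cps", "version": "4331.v9d06ed4658ff", "enabled": False},
    {"shortName": "github-branch-source", "version": "1967.1970.vd86979736546", "enabled": True},
    {"shortName": "credentials", "version": "1415.v831096eb_5534", "enabled": True},
]})


def numeric_key(version):
    """Leading numeric dot-separated components of a plugin version.

    Modern Jenkins plugin versions end in a 'v<hash>' token that is not
    numeric; it ends the comparable prefix, so '4331.v9d06ed4658ff' sorts
    below '4331.4333.v50a_b_076c5199', matching the advisory's ordering."""
    key = []
    for token in version.split("."):
        if not token.isdigit():
            break
        key.append(int(token))
    return tuple(key)


def is_fixed(installed, fixed):
    """True when the installed version is at or above the fixed version."""
    return numeric_key(installed) >= numeric_key(fixed)


def find_vulnerable(inventory_json, fixed_versions=FIXED_VERSIONS):
    """Return {shortName: {installed, fixed, enabled}} for every installed
    plugin below its fixed version. Disabled plugins are reported too: they
    can be re-enabled, and the advisory's remedy is to update, not disable."""
    findings = {}
    for plugin in json.loads(inventory_json)["plugins"]:
        name = plugin.get("shortName")
        if name not in fixed_versions:
            continue
        installed = plugin["version"]
        if not is_fixed(installed, fixed_versions[name]):
            findings[name] = {
                "installed": installed,
                "fixed": fixed_versions[name],
                "enabled": plugin.get("enabled", True),
            }
    return findings


def fetch_inventory(base_url, user, api_token):
    """Fetch a live inventory (not called by the demo). Assumes the standard
    plugin-manager JSON endpoint and a user API token sent as basic auth."""
    req = urllib.request.Request(base_url.rstrip("/") + "/pluginManager/api/json?depth=1")
    cred = base64.b64encode(f"{user}:{api_token}".encode()).decode()
    req.add_header("Authorization", "Basic " + cred)
    with urllib.request.urlopen(req, timeout=30) as resp:
        return resp.read().decode()


if __name__ == "__main__":
    for name, info in sorted(find_vulnerable(SAMPLE_INVENTORY).items()):
        state = "enabled" if info["enabled"] else "disabled"
        print(f"{name}: {info['installed']} < {info['fixed']} ({state})")
```

Against the constructed sample this reports script-security, git-client and workflow-cps as below the fixed version and leaves github-branch-source alone. For a real controller, pass `fetch_inventory(url, user, token)` to `find_vulnerable` in place of the sample; the comparison deliberately ignores the hash suffix, which Jenkins does not use for ordering either.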

Synthesized by Vypr AI