CVE-2026-53439

MEDIUM NVD

CVSS Score 4.3

Severity MEDIUM

Published Jun 10, 2026

Vendor unknown

Description

Missing permission checks in Jenkins 2.567 and earlier, LTS 2.555.2 and earlier allow attackers with Overall/Read permission to determine other users' configured timezone and to enumerate view names of other users' "My Views".

References

https://www.jenkins.io/security/advisory/2026-06-10/#SECURITY-3713