CVE-2026-57287

MEDIUM NVD

CVSS Score 4.3

Severity MEDIUM

Published Jun 24, 2026

Vendor unknown

Description

Jenkins Job Configuration History Plugin 1356.ve360da_6c523a_ and earlier does not redact the encrypted values of secrets when displaying historical job and agent configurations, allowing attackers with Extended Read permission to view encrypted secret values that would otherwise be redacted.

References

https://www.jenkins.io/security/advisory/2026-06-24/#SECURITY-3742