Jenkins Security Advisories
The Jenkins project publishes security advisories covering Jenkins core and its plugin ecosystem — often dozens of plugins per advisory, each with its own severity. CI servers hold credentials for everything they build, making Jenkins advisories high-impact for software supply-chain security.
CSIRTS.com ingests Jenkins Security Advisories every 3 hours, normalizes each advisory into a common schema and cross-references every CVE against the CISA KEV catalog and public exploit datasets. Publishes advisories for Jenkins core and plugins. Also available via RSS, JSON API and the MCP server.
Latest from Jenkins Security Advisories
Jenkins Security Advisory 2026-06-10
Jenkins Security Advisory 2026-05-27
Jenkins Security Advisory 2026-04-29
Jenkins Security Advisory 2026-03-18
Jenkins Security Advisory 2026-02-18
Jenkins Security Advisory 2025-12-10
Jenkins Security Advisory 2025-10-29
Jenkins Security Advisory 2025-09-17
Jenkins Security Advisory 2025-09-03
Jenkins Security Advisory 2025-07-09
Jenkins Security Advisory 2025-06-06
Jenkins Security Advisory 2025-05-14
Jenkins Security Advisory 2025-04-10
Jenkins Security Advisory 2025-04-02
Jenkins Security Advisory 2025-03-19
Jenkins Security Advisory 2025-03-05
Jenkins Security Advisory 2025-01-22
Jenkins Security Advisory 2024-11-27
Jenkins Security Advisory 2024-11-13
Jenkins Security Advisory 2024-10-02
Jenkins Security Advisory 2024-08-07
Jenkins Security Advisory 2024-06-26
Jenkins Security Advisory 2024-05-24
Jenkins Security Advisory 2024-05-02
Browse all 100 advisories from Jenkins Security Advisories →