CVE-2026-48925

Summary

A cross-site request forgery (CSRF) vulnerability in Jenkins GitHub Integration Plugin 0.7.3 and earlier allows attackers to attackers to trigger a build for a pull request.

Affected Software

VendorProductVersion RangeStatus
Jenkins ProjectJenkins GitHub Integration Plugin0 <= 0.7.3affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References