CVE-2026-57283

Summary

A cross-site request forgery (CSRF) vulnerability in Jenkins Pipeline: Groovy Plugin 4331.v9d06ed4658ff and earlier allows attackers to instantiate types related to job or system configuration other than Pipeline steps through the Pipeline Snippet Generator.

Affected Software

VendorProductVersion RangeStatus
Jenkins ProjectJenkins Pipeline: Groovy Plugin0 <= 4331.v9d06ed4658ffaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References