PT-2026-44010 · Jenkins · Jenkins Ldap Plugin
Adiel Sol
+7
·
Published
2026-05-27
·
Updated
2026-05-27
·
CVE-2026-48917
CVSS v3.1
6.6
Medium
| Vector | AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H |
Jenkins LDAP Plugin 807.v7d7de30930cf and earlier deserializes data from LDAP referrals without validation.
Fix
Deserialization of Untrusted Data
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Jenkins Ldap Plugin