cvedb.io
CVE-2026-57287
MEDIUM · CVSS 4.3
EPSS exploitation probability: 0%
Published 2026-06-24T14:17:34.943 · Last modified 2026-06-24T15:16:44.160

Summary

Jenkins Job Configuration History Plugin 1356.ve360da_6c523a_ and earlier does not redact the encrypted values of secrets when displaying historical job and agent configurations, allowing attackers with Extended Read permission to view encrypted secret values that would otherwise be redacted.

Does this affect you?

Add your gear to cvedb and we'll alert you only when a vendor you run ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.