CVE-2026-48918
Received - Intake
BaseFortify
Publication date: 2026-05-27
Last updated on: 2026-05-27
Assigner: Jenkins Project
Description
Jenkins Active Directory Plugin 2.41 and earlier follows LDAP referrals by default.
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| jenkinsci | active_directory_plugin | to 2.41 (exc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
How can this vulnerability impact me?
This vulnerability in Jenkins Active Directory Plugin 2.41 and earlier allows the plugin to follow LDAP referrals by default. This behavior can lead to unauthorized access or exposure of sensitive information within the LDAP directory, potentially resulting in confidentiality, integrity, and availability impacts.
Can you explain this vulnerability to me?
The vulnerability in Jenkins Active Directory Plugin version 2.41 and earlier is that it follows LDAP referrals by default.