Vulnerabilities

CVE-2026-33003

by Fred · 18/03/2026

Jenkins LoadNinja Plugin 2.1 and earlier stores LoadNinja API keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system.

More information : https://www.jenkins.io/security/advisory/2026-03-18/#SECURITY-3642

Similar

Tags: Cybersecurity Alert