24h | 7d | 30d

CVE-2026-48920

Overview

  • Jenkins Project
  • Jenkins Email Extension Plugin
27 May 2026
Published
27 May 2026
Updated
CVSS
Pending
EPSS
0.44%
KEV

Description

Jenkins Email Extension Plugin 1933.v45cec755423f and earlier allows inlining images as `base64` in email content by setting the `data-inline` attribute, without restrictions on the image URLs that can be inlined, allowing attackers able to control the email content to specify `file:` URLs for images to read arbitrary files from the Jenkins controller filesystem.

Statistics

  • 1 Post
Last activity: 14 hours ago

Bluesky

Profile picture fallback
セキュリティ対策Lab @securitylab-jp.bsky.social
Jenkinsの複数プラグインに脆弱性(CVE-2026-48920,CVE-2026-48921,CVE-2026-48922) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #security #securitynews
  • 0
  • 0
  • 0
  • 14h ago

CVE-2026-48922

Overview

  • Jenkins Project
  • Jenkins Credentials Binding Plugin
27 May 2026
Published
27 May 2026
Updated
CVSS
Pending
EPSS
1.77%
KEV

Description

Jenkins Credentials Binding Plugin 720.v3f6decef43ea_ and earlier does not properly sanitize file names for file and zip file credentials, allowing attackers able to provide credentials to a job to write files to arbitrary locations on the node filesystem, which can lead to remote code execution if Jenkins is configured to allow a low-privileged user to configure file or zip file credentials used for a job running on the built-in node.

Statistics

  • 1 Post
Last activity: 14 hours ago

Bluesky

Profile picture fallback
セキュリティ対策Lab @securitylab-jp.bsky.social
Jenkinsの複数プラグインに脆弱性(CVE-2026-48920,CVE-2026-48921,CVE-2026-48922) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #security #securitynews
  • 0
  • 0
  • 0
  • 14h ago

CVE-2026-47753

Overview

  • Pending
Pending
Published
Pending
Updated
CVSS
Pending
EPSS
Pending
KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 15 hours ago

Fediverse

Profile picture fallback
Stéphane Graber's website @blog

Announcing Incus 7.1

The Incus team is pleased to announce the release of Incus 7.1!

This is our first monthly feature release since Incus 7.0 LTS and it’s a pretty busy one as we’ve had some time to clear our backlog a bit.

[🖼 image]

This fixes the following security issues:

On the feature front, the highlights for this release are:

  • Rebuilding custom storage volumes
  • Explicit CPU topology for virtual machines
  • Custom TPM platform certificate
  • Volume creation on attach
  • File system creation options for storage
  • Low-level LINSTOR configuration
  • IP ranges in network address sets
  • Multicast snooping control on bridge networks
  • Multiple addresses per remote
  • S3 object storage improvements

The full announcement and changelog can be found here.
And for those who prefer videos, here’s the release overview video:

https://www.youtube.com/watch?v=p4ZxwFSgeJ8

You can take the latest release of Incus up for a spin through our online demo service at: https://linuxcontainers.org/incus/try-it/

And as always, my company is offering commercial support on Incus, ranging from by-the-hour support contracts to one-off services on things like initial migration from LXD, review of your deployment to squeeze the most out of Incus or even feature sponsorship. You’ll find all details of that here: https://zabbly.com/incus

Donations towards my work on this and other open source projects is also always appreciated, you can find me on Github Sponsors, Patreon and Ko-fi.

Enjoy!

  • 1
  • 0
  • 0
  • 15h ago

CVE-2026-48754

Overview

  • Pending
Pending
Published
Pending
Updated
CVSS
Pending
EPSS
Pending
KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 15 hours ago

Fediverse

Profile picture fallback
Stéphane Graber's website @blog

Announcing Incus 7.1

The Incus team is pleased to announce the release of Incus 7.1!

This is our first monthly feature release since Incus 7.0 LTS and it’s a pretty busy one as we’ve had some time to clear our backlog a bit.

[🖼 image]

This fixes the following security issues:

On the feature front, the highlights for this release are:

  • Rebuilding custom storage volumes
  • Explicit CPU topology for virtual machines
  • Custom TPM platform certificate
  • Volume creation on attach
  • File system creation options for storage
  • Low-level LINSTOR configuration
  • IP ranges in network address sets
  • Multicast snooping control on bridge networks
  • Multiple addresses per remote
  • S3 object storage improvements

The full announcement and changelog can be found here.
And for those who prefer videos, here’s the release overview video:

https://www.youtube.com/watch?v=p4ZxwFSgeJ8

You can take the latest release of Incus up for a spin through our online demo service at: https://linuxcontainers.org/incus/try-it/

And as always, my company is offering commercial support on Incus, ranging from by-the-hour support contracts to one-off services on things like initial migration from LXD, review of your deployment to squeeze the most out of Incus or even feature sponsorship. You’ll find all details of that here: https://zabbly.com/incus

Donations towards my work on this and other open source projects is also always appreciated, you can find me on Github Sponsors, Patreon and Ko-fi.

Enjoy!

  • 1
  • 0
  • 0
  • 15h ago

CVE-2026-48756

Overview

  • Pending
Pending
Published
Pending
Updated
CVSS
Pending
EPSS
Pending
KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 15 hours ago

Fediverse

Profile picture fallback
Stéphane Graber's website @blog

Announcing Incus 7.1

The Incus team is pleased to announce the release of Incus 7.1!

This is our first monthly feature release since Incus 7.0 LTS and it’s a pretty busy one as we’ve had some time to clear our backlog a bit.

[🖼 image]

This fixes the following security issues:

On the feature front, the highlights for this release are:

  • Rebuilding custom storage volumes
  • Explicit CPU topology for virtual machines
  • Custom TPM platform certificate
  • Volume creation on attach
  • File system creation options for storage
  • Low-level LINSTOR configuration
  • IP ranges in network address sets
  • Multicast snooping control on bridge networks
  • Multiple addresses per remote
  • S3 object storage improvements

The full announcement and changelog can be found here.
And for those who prefer videos, here’s the release overview video:

https://www.youtube.com/watch?v=p4ZxwFSgeJ8

You can take the latest release of Incus up for a spin through our online demo service at: https://linuxcontainers.org/incus/try-it/

And as always, my company is offering commercial support on Incus, ranging from by-the-hour support contracts to one-off services on things like initial migration from LXD, review of your deployment to squeeze the most out of Incus or even feature sponsorship. You’ll find all details of that here: https://zabbly.com/incus

Donations towards my work on this and other open source projects is also always appreciated, you can find me on Github Sponsors, Patreon and Ko-fi.

Enjoy!

  • 1
  • 0
  • 0
  • 15h ago

CVE-2026-48753

Overview

  • Pending
Pending
Published
Pending
Updated
CVSS
Pending
EPSS
Pending
KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 15 hours ago

Fediverse

Profile picture fallback
Stéphane Graber's website @blog

Announcing Incus 7.1

The Incus team is pleased to announce the release of Incus 7.1!

This is our first monthly feature release since Incus 7.0 LTS and it’s a pretty busy one as we’ve had some time to clear our backlog a bit.

[🖼 image]

This fixes the following security issues:

On the feature front, the highlights for this release are:

  • Rebuilding custom storage volumes
  • Explicit CPU topology for virtual machines
  • Custom TPM platform certificate
  • Volume creation on attach
  • File system creation options for storage
  • Low-level LINSTOR configuration
  • IP ranges in network address sets
  • Multicast snooping control on bridge networks
  • Multiple addresses per remote
  • S3 object storage improvements

The full announcement and changelog can be found here.
And for those who prefer videos, here’s the release overview video:

https://www.youtube.com/watch?v=p4ZxwFSgeJ8

You can take the latest release of Incus up for a spin through our online demo service at: https://linuxcontainers.org/incus/try-it/

And as always, my company is offering commercial support on Incus, ranging from by-the-hour support contracts to one-off services on things like initial migration from LXD, review of your deployment to squeeze the most out of Incus or even feature sponsorship. You’ll find all details of that here: https://zabbly.com/incus

Donations towards my work on this and other open source projects is also always appreciated, you can find me on Github Sponsors, Patreon and Ko-fi.

Enjoy!

  • 1
  • 0
  • 0
  • 15h ago
Showing 51 to 56 of 56 CVEs