CVE-2026-48919 PUBLISHED

Assigner: jenkins
Reserved: 26.05.2026 Published: 27.05.2026 Updated: 27.05.2026

Jenkins Active Directory Plugin 2.41 and earlier deserializes data from LDAP referrals without validation.

Product Status

Vendor Jenkins Project
Product Jenkins Active Directory Plugin
Versions Default: unaffected
  • affected from 0 to 2.41 (incl.)

References