VDB

ANCHORE-2025-59476

ANCHORE-2025-59476 PUBLISHED

Jenkins 2.527 and earlier, LTS 2.516.2 and earlier does not restrict or transform the characters that can be inserted from user-specified content in log messages, allowing attackers able to control log message contents to insert line break characters, followed by forged log messages that may mislead administrators reviewing log output.

Affected Products

VendorProductVersions
Jenkins ProjectJenkins0, 2.517, 2.517

Timeline

  • Sep 17, 2025 CVE Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›