VDB

CVE-2025-67635

CVE-2025-67635 PUBLISHED

Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not properly close HTTP-based CLI connections when the connection stream becomes corrupted, allowing unauthenticated attackers to cause a denial of service.

EPSS 0.18% · 39.2th percentile

Risk Scores

EPSS Score
0.18%
39.2th percentile

Affected Products

VendorProductVersions
Bitnamijenkins2.529.0, 0
Bitnamijenkins0, 2.529.0

Exploit Intelligence

Timeline

  • Dec 10, 2025 CVE Published
  • Dec 11, 2025 EPSS Score
  • Dec 12, 2025 PoC Published
  • Dec 15, 2025 EPSS Score
  • Dec 19, 2025 EPSS Score
  • Dec 23, 2025 EPSS Score
  • Dec 28, 2025 EPSS Score
  • Jan 1, 2026 EPSS Score
  • Jan 5, 2026 EPSS Score
  • Jan 9, 2026 EPSS Score
  • Jan 13, 2026 EPSS Score
  • Jan 17, 2026 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›