VDB

CVE-2025-67639

CVE-2025-67639 PUBLISHED

A cross-site request forgery (CSRF) vulnerability in Jenkins 2.540 and earlier, LTS 2.528.2 and earlier allows attackers to trick users into logging in to the attacker's account.

EPSS 0.04% · 12.7th percentile

Risk Scores

EPSS Score
0.04%
12.7th percentile

Affected Products

VendorProductVersions
Bitnamijenkins0, 2.529.0
Bitnamijenkins2.529.0, 0

Timeline

  • Dec 10, 2025 CVE Published
  • Dec 11, 2025 EPSS Score
  • Dec 15, 2025 EPSS Score
  • Dec 19, 2025 EPSS Score
  • Dec 23, 2025 EPSS Score
  • Dec 27, 2025 EPSS Score
  • Jan 1, 2026 EPSS Score
  • Jan 5, 2026 EPSS Score
  • Jan 9, 2026 EPSS Score
  • Jan 13, 2026 EPSS Score
  • Jan 17, 2026 EPSS Score
  • Jan 21, 2026 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›