Every CVE whose affected-product data names Jenkins Mcp Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2025-64132 — CVSS 5.4 (medium): Jenkins MCP Server Plugin 0.84.v50ca_24ef83f2 and earlier does not perform permission checks in multiple MCP tools, allowing attackers to…
CVE-2026-57300 — CVSS 4.3 (medium): A missing permission check in Jenkins MCP Server Plugin 0.177.v629fdb_2557fe and earlier allows attackers with Item/Read permission to read…