Serial number: AV26-403
Date: April 29, 2026
On April 29, 2026, Jenkins published a security advisory to address vulnerabilities in the following products:
- Credentials Binding Plugin – version 719.v80e905ef14eb_ and prior
- GitHub Plugin – version 1.46.0 and prior
- GitHub Branch Source Plugin – version 1967.vdea_d580c1a_b_a_ and prior
- HTML Publisher Plugin – version 427 and prior
- Matrix Authorization Strategy Plugin – versions 2.0-beta-1 to 3.2.9
- Microsoft Entra ID (previously Azure AD) Plugin – version 666.v6060de32f87d and prior
- Script Security Plugin – version 1399.ve6a_66547f6e1 and prior
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.