Jenkins released a comprehensive security advisory on April 29, 2026, patching seven vulnerabilities across multiple widely used plugins, three rated High severity and covering critical attack vectors. The disclosed flaw includes path traversal leading to remote code execution, stored cross-site scripting (XSS), unsafe deserialization, and open redirect flaws. The most severe flaw patched in this advisory is CVE-2026-42520 (CVSS: […] The post Jenkins Patches High-Severity Plugin Vulnerability Including Path Traversal and Stored XSS appeared first on Cyber Security News.