CVE-2017-1000353CISA KEV: Actively Exploited

Jenkins Remote Code Execution Vulnerability

Published Oct 2, 2025·Updated Oct 2, 2025

Description

Jenkins contains a remote code execution vulnerability. This vulnerability that could allowed attackers to transfer a serialized Java SignedObject object to the remoting-based Jenkins CLI, that would be deserialized using a new ObjectInputStream, bypassing the existing blocklist-based protection mechanism.

Public Exploits & PoCs2 found

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free