Quickfire Cyber Bulletin June 5, 2026
← Back

CVE-2018-1000861

Jenkins Stapler Web Framework Deserialization of Untrusted Data Vulnerability

High

Description

A code execution vulnerability exists in the Stapler web framework used by Jenkins

Scores & Signals

EPSS score 0.9448 (100.0th percentile)
CISA KEV Yes — actively exploited (added 2022-02-10) · due 2022-08-10
Affected Jenkins Jenkins Stapler Web Framework

Sources

External references

Risk scores are deterministic, based on public signals only. They are informational context, not a final verdict. Always consult vendor advisories before taking action.