CVE-2017-1000353 · CISA KEV · EPSS p99.9%

CVE-2017-1000353: Jenkins Remote Code Execution Vulnerability

Jenkins / Jenkins

Description

Jenkins contains a remote code execution vulnerability. This vulnerability could allow attackers to transfer a serialized Java SignedObject object to the remoting-based Jenkins CLI, which would be deserialized using a new ObjectInputStream, bypassing the existing blocklist-based protection mechanism.

Scoring

EPSS: 99.69% probability of exploitation · percentile 99.9% · 2026-06-18T12:00:27Z

CISA KEV entry

Added to KEV: 2025-10-02

(incoming) 1

Type | Target | Confidence | Tier
KEVEntry | Jenkins Remote Code Execution Vulnerability (kev-cve-2017-1000353) | 0% | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Jenkins Stapler Web Framework Deserialization of Untrusted Data Vulnerability
CVE
Jenkins Matrix Project Plugin Remote Code Execution Vulnerability
CVE
Jenkins Command Line Interface (CLI) Path Traversal Vulnerability
CVE
CVE-2026-53435
CVE
Jenkins Script Security Plugin Sandbox Bypass Vulnerability
CVE
CVE-2025-31722
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.