Question 1

What is CVE-2026-57284 — CVE-2026-57284?

Accepted Answer

Jenkins Pipeline: Groovy Plugin 4331.v9d06ed4658ff and earlier does not restrict the types that can be instantiated through the Pipeline Snippet Generator, allowing attackers to instantiate types related to job or system configuration other than Pipeline steps.

Question 2

What is the authoritative source for CVE-2026-57284?

Accepted Answer

CVE-2026-57284 (CVE-2026-57284) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

CVSS	4.3 ()
Vector	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Last modified	2026-06-24

CVE-2026-57284CVE-2026-57284

Description

Scoring