CVE-2026-33004 | THREATINT

Description

Jenkins LoadNinja Plugin 2.1 and earlier does not mask LoadNinja API keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them.

PUBLISHED Reserved 2026-03-17 | Published 2026-03-18 | Updated 2026-03-19 | Assigner jenkins

Product status

Default status

unaffected

Any version

affected

References

www.jenkins.io/security/advisory/2026-03-18/ (Jenkins Security Advisory 2026-03-18) vendor-advisory

cve.org (CVE-2026-33004)

nvd.nist.gov (CVE-2026-33004)

Download JSON