{"vulnerability": "CVE-2026-42523", "sightings": [{"uuid": "e8ebc99f-34b6-4011-a11e-27f1ec52d3e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42523", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mknclb2n7s2k", "content": "CVE-2026-42523 - Jenkins GitHub Plugin Stored XSS Vulnerability\nCVE ID : CVE-2026-42523\n \n Published : April 29, 2026, 1:31 p.m. | 46\u00a0minutes ago\n \n Description : Jenkins GitHub Plugin 1.46.0 and earlier improperly processes the current job URL as part of JavaScript implementi...", "creation_timestamp": "2026-04-29T14:26:34.291867Z"}, {"uuid": "590a7519-2813-4f5f-a125-7ecc6d13edb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42523", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mkorqf3ol323", "content": "Jenkins GitHub Plugin \u22641.46.0 hit by CRITICAL XSS (CVE-2026-42523). Authenticated users can inject malicious JS. Restrict permissions & monitor activity. Patch pending \u2014 see vendor advisory. https://radar.offseq.com/threat/cve-2026-42523-vulnerability-in-jenkins-project-je-d7de8e87 #OffSeq #Jenki...", "creation_timestamp": "2026-04-30T04:30:32.975574Z"}, {"uuid": "b4e6e87b-bdb2-42bb-a2a5-63d3612b0616", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42523", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116491775490142620", "content": "\ud83d\udea8 CRITICAL: Jenkins GitHub Plugin \u22641.46.0 has a stored XSS (CVE-2026-42523). Attackers with Overall/Read permission can run JS in users' browsers. Limit permissions & check vendor for patches. https://radar.offseq.com/threat/cve-2026-42523-vulnerability-in-jenkins-project-je-d7de8e87 #OffSeq #Jenkins #XSS #Vuln", "creation_timestamp": "2026-04-30T04:30:43.966268Z"}, {"uuid": "904b37fb-a01f-4c43-b52b-fc1f410d29e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42523", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mkqmskn7yy2z", "content": "\ud83d\udd34 CVE-2026-42523 - Critical (9)\n\nJenkins GitHub Plugin 1.46.0 and earlier improperly processes the current job URL as part of Java...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-42523/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-04-30T22:07:35.976922Z"}, {"uuid": "62b57abc-30e2-4251-8638-5530c472f213", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42523", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3ml5zwmlcjd25", "content": "\ud83d\udccc CVE-2026-42523 - Jenkins GitHub Plugin 1.46.0 and earlier improperly processes the current job URL as part of JavaScript implementing validation of the feature \"GitHub... https://www.cyberhub.blog/cves/CVE-2026-42523", "creation_timestamp": "2026-05-06T06:07:07.363795Z"}, {"uuid": "4393f11d-ce2c-472a-89e8-5ded2fc0a235", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42523", "type": "seen", "source": "https://bsky.app/profile/keiwork35.bsky.social/post/3mlqeqeikhi22", "content": "\u3010\u8106\u5f31\u6027\u60c5\u5831\u3011 CVE-2026-42523 Jenkins GitHub\u00a0Plugin\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066\n\nJenkins GitHub Plugin 1.46.0\u4ee5\u524d\u306e\u30d0\u30fc\u30b8\u30e7\u30f3\u306f\u3001\"GitHub hook trigger for GITScm polling\"\u6a5f\u80fd\u306e\u691c\u8a3c\u3092\u5b9f\u88c5\u3059\u308bJavaScript\u306e\u4e00\u90e8\u3068\u3057\u3066\u3001", "creation_timestamp": "2026-05-13T13:08:23.742991Z"}]}