CVE-2026-57299
N/AMissing permission checks in Jenkins Contrast Continuous Application Security Plugin 3.11 and earlier allow attackers with Overall/Read permission to enumerate the names of configured Contrast metadata.
NO EXPLOITATION SIGNALS
No known exploitation, public exploit, or elevated probability at this time. Track for changes.
Exploitation likelihood
0.2%chance of exploitation in 30 days · 9th percentile
○ In CISA KEV
○ Public exploit / PoC
Impact if exploited
—CVSS · not scored
- No impact metrics
Weakness (CWE)
Not classified.
CVSS vector
Not yet scored.