CVE-2026-53435 | Jenkins up to 2.554.x config.xml deserialization

A vulnerability was found in Jenkins up to 2.554.x. It has been classified as critical. This issue affects some unknown processing of the file config.xml. This manipulation causes deserialization.

This vulnerability is registered as CVE-2026-53435. Remote exploitation of the attack is possible. No exploit is available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More