Public CVE-2025-58458 disclosure

Jenkins global-build-stats Plugin 322.v22f4db_18e2dd and earlier does not perform permission checks in its REST API endpoints, allowing attackers with Overall/Read permission to enumerate graph IDs.

Link not working? No problem! With VULNMAP you always have guaranteed access to security information thanks to reliable backups.

Our backup links ensure that critical data remains always available, even in case of unavailability of original sites.