Critical Vulnerability in Jenkins OWASP ZAP Plugin Allows Arbitrary Code Execution
A critical vulnerability (CVE-2026-57301) with a CVSS score of 8.8 has been discovered in the Jenkins OWASP ZAP Plugin, affecting versions 1.0.7 and earlier. This vulnerability allows attackers with Item/Configure permission to execute arbitrary code on the Jenkins controller. Immediate action is required to update to a patched version.