Critical Vulnerability in Jenkins External Workspace Manager Plugin Allows Remote Code Execution
A critical vulnerability, CVE-2026-57296, with a CVSS score of 8.8, was discovered in the Jenkins External Workspace Manager Plugin. This vulnerability allows attackers with Item/Configure permission to read arbitrary files on the Jenkins controller file system, potentially leading to remote code execution. The plugin versions 1.3.2 and earlier are affected. Organizations using this plugin are urged to update to the latest version to mitigate this vulnerability.