CVE-2018-1000861
Jenkins Stapler Web Framework Deserialization of Untrusted Data Vulnerability
CVSS
—
No CVSS
EPSS
98.5%
p100
KEV
YES
Feb 10, 2022
Exploit Today
80
0-100
Published: — · Last modified: —
98.3%EPSS · 30 days98.5%
2026-06-302026-07-16
Product
Jenkins / Jenkins Stapler Web Framework
Vulnerability
Jenkins Stapler Web Framework Deserialization of Untrusted Data Vulnerability
Added to KEV
Feb 10, 2022
Remediate by
Aug 10, 2022
Known ransomware use
No
Summary description
A code execution vulnerability exists in the Stapler web framework used by Jenkins
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2018-1000861
No related CVEs by CWE or product.