cbcvebase.
CVE-2026-33001
published 2026-03-18


Priority: P2 (63)
Severity: high, 8.8 (CVSS 3.1), vector AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 1.16% (63.2nd percentile)
Jenkins 2.554 and earlier, LTS 2.541.2 and earlier does not safely handle symbolic links during the extraction of .tar and .tar.gz archives, allowing crafted archives to write files to arbitrary locations on the filesystem, restricted only by file system access permissions of the user running Jenkins. This can be exploited to deploy malicious scripts or plugins on the controller by attackers with Item/Configure permission, or able to control agent processes.

Affected (6 ranges)

Vendor   Product           Version range   Fixed in
jenkins  jenkins           < 2.541.3       2.541.3
jenkins  jenkins           < 2.555         2.555
jenkins  jenkins_core
jenkins  jenkins_lts
jenkins  jenkins_weekly
jenkins  loadninja_plugin

Detection & IOCs (extracted from sources)

path: JENKINS_HOME/init.groovy.d/
path: JENKINS_HOME/plugins/
  • Detect crafted .tar or .tar.gz archives containing symbolic links that resolve to paths outside the intended extraction target directory, the hallmark of this zip/tar slip-style attack.
  • Alert on use of the 'Archive the artifacts' post-build action or the archiveArtifacts/archive Pipeline steps by users with Item/Configure permission, particularly when the submitted artifact is a .tar or .tar.gz file, as these are the most prominent attack vectors.
  • Flag agent processes that submit archives to the Jenkins controller for extraction, as compromised or attacker-controlled agents can exploit this vulnerability without requiring Item/Configure permission.
  • The vulnerability is restricted to Jenkins weekly 2.554 and earlier, and LTS 2.541.2 and earlier. Instances already upgraded to Jenkins 2.555 / LTS 2.541.3 are not affected.
  • Exploitation severity is bounded by the filesystem permissions of the OS user running Jenkins; environments running Jenkins as a least-privilege user reduce the blast radius of arbitrary file writes.
  • The standard (controller-local) artifact manager must be in use for the most prominent attack paths to apply; custom or remote artifact managers may not invoke the vulnerable extraction code path.
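The first detection bullet asks for archives to be checked for symbolic links that resolve outside the extraction directory. The Python scanner below is an added example, not Jenkins code and not tooling from this database: it inspects a .tar or .tar.gz without extracting it and flags member paths that traverse out of the root, symlink or hard-link targets that resolve outside the root, and entries that would be written through an earlier symlink. The archives it builds are constructed fixtures, and the member names in them are assumptions.

```python
import io
import posixpath
import tarfile

def _escapes_root(base: str, target: str) -> bool:
    """True if `target`, resolved relative to `base`, leaves the extraction root."""
    resolved = posixpath.normpath(posixpath.join(base, target))
    return posixpath.isabs(target) or resolved == ".." or resolved.startswith("../")

def find_unsafe_members(archive_bytes: bytes) -> list:
    """Inspect a .tar/.tar.gz given as bytes, without extracting it; return findings."""
    findings, symlinks = [], set()
    with tarfile.open(fileobj=io.BytesIO(archive_bytes), mode="r:*") as tar:
        for m in tar:
            name = posixpath.normpath(m.name)
            # 1. classic path traversal in the member name itself
            if _escapes_root("", m.name):
                findings.append(f"{m.name}: member path escapes the extraction root")
                continue
            # 2. link target resolving outside the root (symlinks resolve from their own directory)
            if m.issym() or m.islnk():
                base = posixpath.dirname(name) if m.issym() else ""
                if _escapes_root(base, m.linkname):
                    findings.append(f"{m.name} -> {m.linkname}: link target escapes the root")
                if m.issym():
                    symlinks.add(name)
            # 3. entry written through an earlier symlink: a naive extractor follows the link
            parent = posixpath.dirname(name)
            while parent:
                if parent in symlinks:
                    findings.append(f"{m.name}: written through symbolic link {parent}")
                    break
                parent = posixpath.dirname(parent)
    return findings

def build_archive(members) -> bytes:
    """Constructed test fixture: members are (name, kind, payload), kind in file/sym/hard."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, kind, payload in members:
            info = tarfile.TarInfo(name)
            if kind == "file":
                info.size = len(payload.encode())
                tar.addfile(info, io.BytesIO(payload.encode()))
            else:
                info.type = tarfile.SYMTYPE if kind == "sym" else tarfile.LNKTYPE
                info.linkname = payload
                tar.addfile(info)
    return buf.getvalue()
```

Python 3.12 and later ship tarfile.data_filter, which rejects the same classes of member at extraction time; a pre-extraction scan like this one is what an intake gate or detection rule needs when the extractor itself cannot be changed.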

CVSS provenance

Source          Version   Score   Severity   Vector
nvd             v3.1      8.8     HIGH       CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vendor_redhat             8.8     HIGH