cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-24400,https://securityvulnerability.io/vulnerability/CVE-2025-24400,Credential Misuse in Jenkins Eiffel Broadcaster Plugin by CloudBees,"The Jenkins Eiffel Broadcaster Plugin, versions 2.8.0 to 2.10.2, is susceptible to a vulnerability where the credential ID is leveraged as the cache key during signing operations. This flaw permits attackers to exploit the system by creating a credential that matches the ID of a legitimate one stored in a different credentials repository. As a result, attackers can sign events sent to RabbitMQ using valid credentials, potentially leading to unauthorized access and actions within applications relying on this integration.",Jenkins,Jenkins Eiffel Broadcaster Plugin,4.3,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-22T17:02:53.578Z,0