The following Jenkins plugin updates contain fixes for security vulnerabilities:
* Applitools Eyes Plugin 1.16.6
* Credentials Binding Plugin 696.v256688029804
* Git Parameter Plugin 444.vca_b_84d3703c2
* HTML Publisher Plugin 427
Additionally, we announce unresolved security issues in the following plugins:
* Apica Loadtest Plugin
* Aqua Security Scanner Plugin
* Dead Man's Snitch Plugin
* IBM Cloud DevOps Plugin
* IFTTT Build Notifier Plugin
* Kryptowire Plugin
* Nouvola DiveCloud Plugin
* QMetry Test Management Plugin
* ReadyAPI Functional Testing Plugin
* Sensedia Api Platform tools Plugin
* Statistics Gatherer Plugin
* Testsigma Test Plan run Plugin
* User1st uTester Plugin
* VAddy Plugin
* Warrior Framework Plugin
* Xooa Plugin
Please see the advisory for more information:
https://www.jenkins.io/security/advisory/2025-07-09/