Class based , object oriented programming language. Designed to have less dependencies as possible. The syntex of Java is smilier to C and C++. Commonly used for client-server applications. Java files are compiled by JVM (Java Virtual Machine)

Java

Jenkins is an open-source continuous integration tool written in Java. Jenkins provides continuous integration services for software development. It is a server-based system running in a servlet container such as Apache Tomcat. It supports SCM tools including AccuRev, CVS, Subversion, Git, Mercurial, Perforce, ClearCase, and RTC, and can execute Apache Ant and Apache Maven-based projects as well as arbitrary shell scripts and Windows batch commands.

Jenkins

Jenkins 2.442 through 2.554 (both inclusive), LTS 2.426.3 through LTS 2.541.2 (both inclusive) performs origin validation of requests made through the CLI WebSocket endpoint by computing the expected origin for comparison using the Host or X-Forwarded-Host HTTP request headers, making it vulnerable to DNS rebinding attacks that allow bypassing origin validation.

CVE-2026-33002

Chainguard

Maven

GitHub Advisory Database

Homebrew

MinimOS

Minimus

NixOS

Linux

Linux Kernel

Windows

Windows Cumulative Update

VulnCheck NVD++

Wolfi

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2026-4636	HIGH	8.1	Java	org.keycloak:keycloak-services	No	Yes	Apr 02, 2026
GHSA-2m67-wjpj-xhg9	HIGH	7.5	Java	tools.jackson.core:jackson-core	No	No	Apr 04, 2026
CVE-2026-4634	HIGH	7.5	Java	keycloak-fips	No	Yes	Apr 02, 2026
CVE-2026-4282	HIGH	7.4	Java	keycloak-fips-26.5	No	Yes	Apr 02, 2026
CVE-2026-4325	MEDIUM	5.3	Java	keycloak-fips	No	Yes	Apr 02, 2026

CVE-2026-33002:
Java vulnerability analysis and mitigation

7.5

Related Java vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2026-33002: Java vulnerability analysis and mitigation