A vulnerability described as critical has been identified in hekmon8 Jenkins-server-mcp 0.1.0 . This vulnerability affects the function jobPath of the file src/index.ts of the component get_build_status/get_build_log/trigger_build . Such manipulation leads to server-side request forgery. This vulnerability is listed as CVE-2026-10276 . The attack may be performed from remote. In addition, an exploit is available. The project was informed of the problem early through an issue report but has not r