A vulnerability was found in Jenkins up to 2.554.x . It has been classified as critical . This issue affects some unknown processing of the file config.xml . This manipulation causes deserialization. This vulnerability is registered as CVE-2026-53435 . Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is recommended.