|
1021
|
- |
|
-
|
-
|
Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, the Origin header validation uses Python's re.match() to check incoming origins against the allow_origin_pa…
New
|
CWE-777
|
CVE-2026-40110
|
2026-05-8 00:07 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1022
|
- |
|
-
|
-
|
In Jupyter Notebook versions 7.0.0 through 7.5.5, JupyterLab versions 4.5.6 and earlier, and the corresponding @jupyter-notebook/help-extension and @jupyterlab/help-extension packages before 7.5.6 an…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-40171
|
2026-05-8 00:07 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1023
|
- |
|
-
|
-
|
OpenMRS Core is an open source electronic medical record system platform. In versions 2.7.8 and earlier and versions 2.8.0 through 2.8.5, the `/openmrs/moduleResources/{moduleid}` endpoint is vulnera…
New
|
CWE-22
Path Traversal
|
CVE-2026-40075
|
2026-05-8 00:06 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1024
|
- |
|
-
|
-
|
Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, the secret used to sign authentication cookies is persisted to a static file at ~/.local/share/jupyter/runt…
New
|
CWE-613
Insufficient Session Expiration
|
CVE-2026-40934
|
2026-05-8 00:06 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1025
|
7.5 |
HIGH
Network
|
-
|
-
|
GoBGP is an open source Border Gateway Protocol (BGP) implementation in the Go Programming Language. In version 4.3.0, a remote Denial of Service (DoS) vulnerability exists in GoBGP due to a nil poin…
New
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-41642
|
2026-05-8 00:06 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1026
|
7.5 |
HIGH
Network
|
-
|
-
|
GoBGP is an open source Border Gateway Protocol (BGP) implementation in the Go Programming Language. In version 4.4.0, an unauthenticated remote BGP peer can trigger a fatal panic in GoBGP by sending…
New
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-42285
|
2026-05-8 00:06 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1027
|
9.6 |
CRITICAL
Network
|
-
|
-
|
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to version 7.0.0-rc3, the Script Runner widget allows users to execute Py…
Update
|
CWE-250
Execution with Unnecessary Privileges
|
CVE-2026-42088
|
2026-05-8 00:05 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1028
|
5.3 |
MEDIUM
Network
|
flowiseai
|
flowise
|
A security flaw has been discovered in FlowiseAI Flowise up to 3.0.12. Affected is the function Login of the file packages/server/src/enterprise/services/account.service.ts of the component API Respo…
New
|
CWE-200
CWE-284
CWE-312
Information Exposure
Improper Access Control
Cleartext Storage of Sensitive Information
|
CVE-2026-8026
|
2026-05-8 00:04 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1029
|
5.3 |
MEDIUM
Network
|
-
|
-
|
OpenTelemetry.Exporter.Zipkin is the .NET Zipkin exporter for OpenTelemetry. In versions 1.15.2 and earlier, the Zipkin exporter remote endpoint cache accepts unbounded key growth derived from span a…
New
|
CWE-400
CWE-770
Uncontrolled Resource Consumption
Allocation of Resources Without Limits or Throttling
|
CVE-2026-41310
|
2026-05-8 00:04 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1030
|
5.9 |
MEDIUM
Network
|
-
|
-
|
OpenTelemetry.Resources.Azure is the .NET resource detector for Azure environments. In versions 1.15.0-beta.1 and earlier, the AzureVmMetaDataRequestor class makes HTTP requests to the Azure VM insta…
New
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-41483
|
2026-05-8 00:04 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
