CVE-2026-40110
published 2026-05-05CVE-2026-40110: Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, the Origin header validation uses Python's re.match() to check…
high7.6CVSS 4.0
AVNACLATPPRNUIPVCHVIHVALSCLSILSALEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, the Origin header validation uses Python's re.match() to check incoming origins against the allow_origin_pat configuration value. Because re.match() only anchors at the start of the string and does not require a full match, a pattern intended to match only a trusted domain (e.g., trusted.example.com) will also match any origin that begins with that domain followed by additional characters (e.g., trusted.example.com.evil.com). An attacker who controls such a domain can bypass the CORS origin restriction and make cross-origin requests to the Jupyter Server API from an untrusted site. This issue has been fixed in version 2.18.0.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | jupyter-server | >= 0 < 2.18.0 | 2.18.0 |
| jupyter-server | jupyter_server | <= 2.17.0 | — |
| jupyter | jupyter_server | < 2.18.0 | 2.18.0 |
| mta | mta-solution-server-rhel9 | — | — |
| rhoai | odh-workbench-jupyter-datascience-cpu-py312-rhel9 | — | — |
| rhoai | odh-workbench-jupyter-minimal-cpu-py312-rhel9 | — | — |
| rhoai | odh-workbench-jupyter-minimal-cuda-py312-rhel9 | — | — |
| rhoai | odh-workbench-jupyter-minimal-rocm-py312-rhel9 | — | — |
| rhoai | odh-workbench-jupyter-pytorch-cuda-py312-rhel9 | — | — |
| rhoai | odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9 | — | — |
| rhoai | odh-workbench-jupyter-pytorch-rocm-py312-rhel9 | — | — |
| rhoai | odh-workbench-jupyter-tensorflow-cuda-py312-rhel9 | — | — |
| rhoai | odh-workbench-jupyter-tensorflow-rocm-py312-rhel9 | — | — |
| rhoai | odh-workbench-jupyter-trustyai-cpu-py312-rhel9 | — | — |