PatchSiren cyber security CVE debrief
CVE-2026-40110 Jupyter CVE debrief
CVE-2026-40110 is a Jupyter Server origin-validation flaw that can let an attacker bypass CORS restrictions when allow_origin_pat is used. The issue exists in Jupyter Server 2.17.0 and earlier because the Origin header check uses Python re.match(), which only anchors at the start of the string instead of requiring a full match. As a result, a pattern meant to allow trusted.example.com can also match attacker-controlled origins such as trusted.example.com.evil.com. The vendor states the issue is fixed in Jupyter Server 2.18.0.
- Vendor: Jupyter
- Product: Jupyter Server
- CVE: CVE-2026-40110
- CVSS: HIGH 7.6
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-05-05
- Original CVE updated: 2026-05-11
- Advisory published: 2026-05-05
- Advisory updated: 2026-05-11
Who should care
Administrators and developers running Jupyter Server instances that rely on allow_origin_pat for browser-origin restrictions should treat this as relevant, especially if the server is reachable from untrusted networks or users may browse attacker-controlled sites while authenticated to Jupyter.
Technical summary
According to the CVE description and NVD record, Jupyter Server versions 2.17.0 and earlier validate the Origin header against allow_origin_pat using re.match(). Because re.match() anchors only at the start of the string, a pattern that names a trusted domain is also satisfied by any origin that begins with the allowed text and continues with attacker-controlled suffix content (for example, an attacker-registered domain whose name starts with the trusted hostname). The NVD record lists CWE-777 (Regular Expression without Anchors) and a vulnerable CPE range ending before 2.18.0. The issue is resolved in version 2.18.0.
Defensive priority
High. The NVD record rates the issue 7.6/HIGH. The CVSS v4 vector describes a network-reachable attack with no privileges required (AV:N, PR:N), but with an attack requirement present (AT:P) and passive user interaction needed (UI:P): in practice, a user holding an authenticated Jupyter session must visit an attacker-controlled origin. Systems that depend on origin-based browser access controls should prioritize upgrading to a fixed release.
Recommended defensive actions
- Upgrade Jupyter Server to version 2.18.0 or later.
- Review any configuration that uses allow_origin_pat and confirm the pattern is not relying on prefix-style matching; on unpatched releases, a pattern without an end-of-string anchor accepts any origin that merely starts with the allowed text.
- If you cannot upgrade immediately, restrict exposure of Jupyter Server to trusted networks and advise users not to browse untrusted sites while holding an authenticated Jupyter session.
- Validate that any origin allowlist logic uses exact string comparison or a regex applied to the whole Origin value (for example re.fullmatch(), or an explicitly anchored pattern), never a bare prefix match.
- Check the GitHub advisory and linked patches for the vendor-recommended remediation details.
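The following is an added illustration of the prefix-match problem described in the technical summary and of the anchoring check recommended above. It is not Jupyter Server's own code or its patch; it reproduces the re.match() versus re.fullmatch() behaviour with constructed sample origins and an assumed pattern (trusted.example.com) so the difference can be observed directly.

```python
import re

# Constructed sample origins for this demonstration (not taken from the advisory).
TRUSTED_ORIGIN = "https://trusted.example.com"
ATTACKER_ORIGINS = [
    "https://trusted.example.com.evil.com",  # attacker host that starts with the trusted name
    "https://trusted.example.com:8443",      # same host, unexpected port
    "https://trusted.example.com\n",         # trailing newline: a bare '$' still matches this
]

# An allow-origin pattern written the way operators often write it: it names the
# trusted host but has no end-of-string anchor (assumed pattern, for illustration).
UNANCHORED_PAT = r"https://trusted\.example\.com"
# The same pattern with a '$' anchor. Note that '$' also matches just before a
# trailing newline, so it is weaker than a whole-string match.
DOLLAR_PAT = r"https://trusted\.example\.com$"


def vulnerable_check(pattern: str, origin: str) -> bool:
    """Prefix-only check: re.match() succeeds whenever the origin merely *starts*
    with the pattern. This is the behaviour the advisory attributes to Jupyter
    Server 2.17.0 and earlier."""
    return bool(re.match(pattern, origin))


def hardened_check(pattern: str, origin: str) -> bool:
    """Whole-string check: re.fullmatch() requires the entire Origin value to
    match, so appended suffixes, extra ports and trailing newlines are rejected."""
    return bool(re.fullmatch(pattern, origin))


def evaluate(check, pattern: str) -> dict:
    """Run one check over the trusted origin plus the attacker origins.
    Returns {origin: allowed} so results can be inspected or asserted on."""
    return {o: check(pattern, o) for o in [TRUSTED_ORIGIN, *ATTACKER_ORIGINS]}


if __name__ == "__main__":
    for label, check, pat in [
        ("re.match, unanchored pattern", vulnerable_check, UNANCHORED_PAT),
        ("re.match, '$'-anchored pattern", vulnerable_check, DOLLAR_PAT),
        ("re.fullmatch, unanchored pattern", hardened_check, UNANCHORED_PAT),
    ]:
        print(label)
        for origin, allowed in evaluate(check, pat).items():
            print(f"  {'ALLOW' if allowed else 'deny '}  {origin!r}")
```

Running the script shows that with re.match() and the unanchored pattern every attacker origin is allowed, that adding '$' blocks the suffix and port cases but still accepts the trailing-newline variant, and that re.fullmatch() rejects all three. The same evaluate() helper can be pointed at the value you have configured for allow_origin_pat to confirm it does not depend on prefix behaviour.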
Evidence notes
Source evidence comes from the CVE description, the NVD record marked analyzed, and the linked GitHub advisory and patch references. The supplied data states the vulnerable range is Jupyter Server 2.17.0 and earlier, with a fix in 2.18.0. NVD lists CVSS 4.0 vector AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:L/SC:L/SI:L/SA:L and CWE-777. No additional facts beyond the supplied corpus were used.
Official resources
- CVE-2026-40110 CVE record (CVE.org)
- CVE-2026-40110 NVD detail (NVD)
- Source item URL: nvd_modified
- Mitigation or vendor reference: [email protected] - Patch
- Mitigation or vendor reference: [email protected] - Patch
- Source reference: [email protected] - Issue Tracking
- Mitigation or vendor reference: [email protected] - Patch, Vendor Advisory, Mitigation
Publicly disclosed on 2026-05-05 22:16:00.663Z, with the source record last modified on 2026-05-11 12:59:21.687Z. The supplied data identifies the fixed release as Jupyter Server 2.18.0.