CVE-2026-40934 - jupyter-server authentication cookies remain valid after password reset due to static cookie secret
CVE ID :CVE-2026-40934 Published : May 5, 2026, 9:31 p.m. | 56 minutes ago Description :Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, the secret used to sign authentication cookies is persisted to a static file at ~/.local/share/jupyter/runtime/jup
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Not a Hack. A Handout. Inside the GTFOice.org Data Exposure
- [CYBER] Copy Fail: What You Need to Know About the Most Severe Linux Threat in Years
- [CYBER] Kelp Blames LayerZero for $292 Million Hack, Plans Switch to Chainlink
- [CYBER] Android ADB Auth Bypass Proof-of-Concept: CVE-2026-0073
- [CYBER] New stealthy Quasar Linux malware targets software developers
- [CYBER] (LEAD) Coupang swings to net loss in Q1 amid fallout from data breach