Lucene search
+L

469 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-40934

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, the secret used to sign authentication cookies is persisted to a...

7.6CVSS5.6AI score0.00308EPSS
Exploits1References3
NVD
NVD
added 2026/05/05 10:16 p.m.13 views

CVE-2026-40934

Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, the secret used to sign authentication cookies is persisted to a static file at /.local/share/jupyter/runtime/jupytercookiesecret and is never rotated when a user changes their password. After a password...

7.6CVSS0.00308EPSS
Exploits1References1
PyPA
PyPA
added 2026/05/05 10:16 p.m.16 views

PYSEC-2026-69

Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, the secret used to sign authentication cookies is persisted to a static file at /.local/share/jupyter/runtime/jupytercookiesecret and is never rotated when a user changes their password. After a password...

7.6CVSS5.7AI score0.00308EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/05/05 9:31 p.m.42 views

CVE-2026-40934 jupyter-server authentication cookies remain valid after password reset due to static cookie secret

Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, the secret used to sign authentication cookies is persisted to a static file at /.local/share/jupyter/runtime/jupytercookiesecret and is never rotated when a user changes their password. After a password...

7.6CVSS0.00308EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/05 9:31 p.m.5 views

CVE-2026-40934

Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, the secret used to sign authentication cookies is persisted to a static file at /.local/share/jupyter/runtime/jupytercookiesecret and is never rotated when a user changes their password. After a password...

7.6CVSS5.8AI score0.00308EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

Jupyter Server 代码问题漏洞

Jupyter Server is an application developed by the Jupyter organization that provides backend services for Jupyter web applications. Jupyter Server versions 2.17.0 and earlier have code vulnerabilities. These vulnerabilities stem from the persistence of the key used for signing authentication...

7.6CVSS5.8AI score0.00308EPSS
Exploits1References1
Oracle linux
Oracle linux
added 2026/04/22 12:0 a.m.9 views

kernel security update

6.12.0-124.52.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...

7.8CVSS6.3AI score0.00171EPSS
Exploits0
Oracle linux
Oracle linux
added 2026/04/21 12:0 a.m.18 views

kernel security update

4.18.0-553.120.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

7.8CVSS6AI score0.00171EPSS
Exploits0
Oracle linux
Oracle linux
added 2026/04/20 12:0 a.m.21 views

kernel security update

5.14.0-611.49.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...

7.8CVSS6.4AI score0.00185EPSS
Exploits0
Oracle linux
Oracle linux
added 2026/04/07 12:0 a.m.8 views

kernel security update

6.12.0-124.49.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...

8.8CVSS6AI score0.0024EPSS
Exploits0
Oracle linux
Oracle linux
added 2026/04/07 12:0 a.m.8 views

kernel security update

4.18.0-553.117.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

8.8CVSS6.7AI score0.00788EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2026/04/02 8:58 p.m.19 views

OpenClaw Nostr privateKey config redaction bypass leaks plaintext signing key via config.get

Summary OpenClaw Nostr privateKey config redaction bypass leaks plaintext signing key via config.get Current Maintainer Triage - Status: open - Normalized severity: medium - Assessment: v2026.3.28 still models Nostr privateKey as plain string so config views can expose it, and the secret-schema f...

7.1CVSS5.9AI score0.00207EPSS
Exploits0References6Affected Software1
SUSE CVE
SUSE CVE
added 2026/03/30 11:27 p.m.6 views

SUSE CVE-2026-33936

The ecdsa PyPI package is a pure Python implementation of ECC Elliptic Curve Cryptography with support for ECDSA Elliptic Curve Digital Signature Algorithm, EdDSA Edwards-curve Digital Signature Algorithm and ECDH Elliptic Curve Diffie-Hellman. Prior to version 0.19.2, an issue in the low-level D...

5.3CVSS5.8AI score0.00476EPSS
Exploits1References6
Oracle linux
Oracle linux
added 2026/03/30 12:0 a.m.13 views

kernel security update

4.18.0-553.115.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

7.8CVSS6.8AI score0.00253EPSS
Exploits0
Oracle linux
Oracle linux
added 2026/03/30 12:0 a.m.10 views

kernel security update

5.14.0-611.45.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...

7.8CVSS6.7AI score0.0024EPSS
Exploits0
Oracle linux
Oracle linux
added 2026/03/30 12:0 a.m.9 views

kernel security update

6.12.0-124.47.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...

7.8CVSS5.9AI score0.00788EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2026/03/27 11:17 p.m.5 views

CVE-2026-33936

The ecdsa PyPI package is a pure Python implementation of ECC Elliptic Curve Cryptography with support for ECDSA Elliptic Curve Digital Signature Algorithm, EdDSA Edwards-curve Digital Signature Algorithm and ECDH Elliptic Curve Diffie-Hellman. Prior to version 0.19.2, an issue in the low-level D...

5.3CVSS5.8AI score0.00476EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/03/27 10:8 p.m.23 views

CVE-2026-33936 python-ecdsa: Denial of Service via improper DER length validation in crafted private keys

The ecdsa PyPI package is a pure Python implementation of ECC Elliptic Curve Cryptography with support for ECDSA Elliptic Curve Digital Signature Algorithm, EdDSA Edwards-curve Digital Signature Algorithm and ECDH Elliptic Curve Diffie-Hellman. Prior to version 0.19.2, an issue in the low-level D...

5.3CVSS0.00476EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2026/03/27 10:8 p.m.5 views

CVE-2026-33936

The ecdsa PyPI package is a pure Python implementation of ECC Elliptic Curve Cryptography with support for ECDSA Elliptic Curve Digital Signature Algorithm, EdDSA Edwards-curve Digital Signature Algorithm and ECDH Elliptic Curve Diffie-Hellman. Prior to version 0.19.2, an issue in the low-level D...

5.3CVSS5.2AI score0.00476EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2026/03/27 10:8 p.m.3 views

CVE-2026-33936

The ecdsa PyPI package is a pure Python implementation of ECC Elliptic Curve Cryptography with support for ECDSA Elliptic Curve Digital Signature Algorithm, EdDSA Edwards-curve Digital Signature Algorithm and ECDH Elliptic Curve Diffie-Hellman. Prior to version 0.19.2, an issue in the low-level D...

5.3CVSS5.8AI score0.00476EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder