2 matches found
CVE-2026-40934
Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, the secret used to sign authentication cookies is persisted to a static file at /.local/share/jupyter/runtime/jupytercookiesecret and is never rotated when a user changes their password. After a password...
Evope 1.1.3.20 Hardcoded Cryptographic Key
The component Evope Core in Evope version 1.1.3.20 uses a hardcoded cryptographic key, which means that encryption/decryption keys are permanently embedded in the source code, rather than being securely managed. This creates a critical security flaw because anyone who gains access to or...