Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
7.6 HIGH
CVE-2026-40110 — jupyter-server CORS origin validation bypass via unanchored regex in allow_origin_pat

Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, the Origin header validation uses Python's re.match() to check incoming origins against the allow_origin_pa…

jupyter_server | Remote | Misconfiguration
May 05, 2026 May 11, 2026
8.2 HIGH
CVE-2026-40075 — OpenMRS Core arbitrary file read via path traversal in ModuleResourcesServlet

OpenMRS Core is an open source electronic medical record system platform. In versions 2.7.8 and earlier and versions 2.8.0 through 2.8.5, the `/openmrs/moduleResources/{moduleid}` endpoint is vulnera…

openmrs | Remote | Path Traversal
May 05, 2026 May 12, 2026
9.8 CRITICAL
CVE-2026-28780 — Apache HTTP Server: buffer overflow in mod_proxy_ajp via ajp_msg_check_header()

Heap-based Buffer Overflow vulnerability in mod_proxy_ajp of Apache HTTP Server. If mod_proxy_ajp connects to a malicious AJP server this AJP server can send a malicious AJP message back to mod_proxy…

http_server | Remote | Memory Corruption
May 05, 2026 May 06, 2026
Showing 20 of 7123 Results