Latest CVE Feed
CVE Intelligence
Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.
Score
Vulnerability
Published
7.6
HIGH
CVE-2026-40110
— jupyter-server CORS origin validation bypass via unanchored regex in allow_origin_pat
Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, the Origin header validation uses Python's re.match() to check incoming origins against the allow_origin_pa…
May 05, 2026
May 11, 2026
May 05, 2026
May 11, 2026
8.2
HIGH
CVE-2026-40075
— OpenMRS Core arbitrary file read via path traversal in ModuleResourcesServlet
OpenMRS Core is an open source electronic medical record system platform. In versions 2.7.8 and earlier and versions 2.8.0 through 2.8.5, the `/openmrs/moduleResources/{moduleid}` endpoint is vulnera…
May 05, 2026
May 12, 2026
May 05, 2026
May 12, 2026
9.8
CRITICAL
CVE-2026-28780
— Apache HTTP Server: buffer overflow in mod_proxy_ajp via ajp_msg_check_header()
Heap-based Buffer Overflow vulnerability in mod_proxy_ajp of Apache HTTP Server. If mod_proxy_ajp connects to a malicious AJP server this AJP server can send a malicious AJP message back to mod_proxy…
May 05, 2026
May 06, 2026
May 05, 2026
May 06, 2026