CVE-2026-40110 | jupyter-server jupyter_server up to 2.17.0 Jupyter Server API re.match regular expression without anchors (GHSA-24qx-w28j-9m6p / EUVD-2026-27510)

A vulnerability labeled as critical has been found in jupyter-server jupyter_server up to 2.17.0. Affected by this issue is the function re.match of the component Jupyter Server API. Executing a manipulation can lead to regular expression without anchors.

This vulnerability is tracked as CVE-2026-40110. The attack can be launched remotely. No exploit exists.

The affected component should be upgraded.VulDB Recent EntriesRead More