CVE-2026-21883 | Bokeh up to 3.8.1 Websocket Connection missing origin validation in websockets (GHSA-793v-589g-574v)

Inserito da Angelo Barbosa | Gen 8, 2026 | CVE

A vulnerability has been found in Bokeh up to 3.8.1 and classified as critical. Impacted is an unknown function of the component Websocket Connection Handler. Performing a manipulation results in missing origin validation in websockets.

This vulnerability was named CVE-2026-21883. The attack may be initiated remotely. There is no available exploit.

The affected component should be upgraded.

CVE-2026-21883 | Bokeh up to 3.8.1 Websocket Connection missing origin validation in websockets (GHSA-793v-589g-574v)

Post correlati

CVE-2025-68227 | Linux Kernel up to 6.17.9 mptcp tcp_rcv_state_process comparison

CVE-2025-8015 | WP Shortcodes Plugin up to 7.4.2 on WordPress Image Title/Slide Link cross site scripting

CVE-2024-0123 | NVIDIA CUDA Toolkit up to 12.6U1 on Windows/Linux nvdisasm improper validation of specified index, position, or offset in input

CVE-2022-48763 | Linux Kernel up to 5.10.96/5.15.18/5.16.4 KVM arch/x86/kvm/vmx/vmx.c vmx_enter_smm memory leak