What is GHSA-m68r-v472-jgq9?

GHSA-m68r-v472-jgq9 is a security advisory published by GitHub Security Advisories with Medium severity. JupyterHub has cross-origin form POSTs bypass XSRF (CWE-352)

Which CVE IDs does GHSA-m68r-v472-jgq9 cover?

GHSA-m68r-v472-jgq9 covers the following CVE IDs: CVE-2026-40864. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-m68r-v472-jgq9?

GHSA-m68r-v472-jgq9 has a CVSS v3 base score of 5.4, published by GitHub Security Advisories.

Which products are affected by GHSA-m68r-v472-jgq9?

GHSA-m68r-v472-jgq9 affects 1 product, including: pip/jupyterhub:\u003e= 4.1.0, \u003c 5.4.5.

GHSA-m68r-v472-jgq9MediumCVSS 5.4

JupyterHub has cross-origin form POSTs bypass XSRF (CWE-352)

Vendor

GitHub Security Advisories

Published

May 5, 2026

Last Modified

June 8, 2026

🔗 CVE IDs covered (1)

CVE-2026-40864 →

📋 Description

Summary

JupyterHub's XSRF protection (updated in 4.1.0) inappropriately treated requests with Sec-Fetch-Mode: no-cors as same-origin requests, which they are not, bypassing XSRF checks. The JSON API is not affected, only HTTP form endpoints, such as /hub/spawn and /hub/accept-share, meaning attackers could trigger server spawn (but not access the server) and if the attacker is a JupyterHub user permitted to share access to their server, cause a user to accept a share and have access to the attacker's server.

Patches

Upgrade to JupyterHub 5.4.5.

Mitigations

If a reverse proxy is in use, drop requests to JupyterHub with Sec-Fetch-Mode: no-cors.

🎯 Affected products1

pip/jupyterhub:>= 4.1.0, < 5.4.5

🔗 References (4)

https://github.com/jupyterhub/jupyterhub/security/advisories/GHSA-m68r-v472-jgq9
https://nvd.nist.gov/vuln/detail/CVE-2026-40864
https://github.com/jupyterhub/jupyterhub/commit/9c5ec277d3cda5a59de2d8c8117efa77bd941127
https://github.com/advisories/GHSA-m68r-v472-jgq9