Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-44727 |
|
Cross-Site Scripting (XSS) in jupyter-server (CVE-2026-44727)
cross-site scripting in jupyter-server (CVE-2026-44727). Risk of unauthorized operations or information disclosure. Exploitable via ``nbconvert.HTMLExporter``. Mitigation: upgrade to `2.20.0` or later.
|
| CVE-2026-6657 |
|
Vulnerability in jupyter (CVE-2026-6657)
vulnerability in jupyter (CVE-2026-6657). Successful exploitation can lead to full system takeover. Exploitable via ``allow_origin_pat``.
|
| CVE-2026-5422 |
|
Vulnerability in path-traversal (CVE-2026-5422)
vulnerability in path-traversal (CVE-2026-5422). Confidential information can be exposed externally.
|
| CVE-2026-35397 |
|
Path Traversal in jupyter-server (CVE-2026-35397)
path traversal in jupyter-server (CVE-2026-35397). Successful exploitation can lead to full system takeover. Exploitable via ``root_dir``. Mitigation: upgrade to `2.18.0` or later.
|
| CVE-2026-40934 |
|
Vulnerability in jupyter-server (CVE-2026-40934)
vulnerability in jupyter-server (CVE-2026-40934). Confidential information can be exposed externally. Mitigation: upgrade to `2.18.0` or later.
|
| CVE-2026-40110 |
|
Vulnerability in jupyter-server (CVE-2026-40110)
vulnerability in jupyter-server (CVE-2026-40110). Confidential information can be exposed externally. Exploitable via ``allow_origin_pat``. Mitigation: upgrade to `057869a327c46730afede3eab0ca2d2` or later.
|
| CVE-2025-61669 |
|
Open Redirect in jupyter-server (CVE-2025-61669)
vulnerability in jupyter-server (CVE-2025-61669). Risk of unauthorized operations or information disclosure. Exploitable via ``google.com``. Mitigation: upgrade to `2.18.0` or later.
|