CVE-2026-42557 vulnerabilities

Vulnerabilities for packages: datahub-ingestion-fips...

CVE-2026-42557

jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. Prior to 4.5.7, JupyterLab's HTML sanitizer allowlists data-commandlinker-command and data-commandlinker-args on button elements, while CommandLinker listens for all cli...

Jupyter Notebook Python Library 7.0.0 < 7.5.6 (CVE-2026-42557)

Jupyter Notebook is an extensible environment for interactive and reproducible computing. The version of Jupyter Notebook installed on the remote host is 7.0.0 prior to 7.5.6. It is, therefore, affected by a vulnerability: - JupyterLab's command linker attributes in HTML enable one-click command...

a-mailx (=0.1.0), a2 (>=0.1.0 <=0.3.17) +632 more potentially affected by CVE-2026-42557 via jupyterlab (>=0.31.1 <=4.5.6)

jupyterlab PYPI version =0.31.1, =0.1.0, =0.1.0b0, =0.1.0b0, =0.1.0b0, =0.1.0, =0.5.5, =2.0.0, =0.1.1, =0.1.0, =3.0.0, =4.33.0, =5.0.0 and more Source cves: CVE-2026-42557 Source advisory: OSV:GHSA-MQCG-5X36-VFCG...

@datalayer/jupyter-react (=0.9.5) potentially affected by CVE-2026-42557 via @jupyterlab/notebook-extension (=4.1.0-beta.0)

@jupyterlab/notebook-extension NPM version =4.1.0-beta.0 is affected by a known vulnerability. The following packages have a transitive dependency on @jupyterlab/notebook-extension and may be impacted: - @datalayer/jupyter-react =0.9.5 Source cves: CVE-2026-42557 Source advisory:...

@datalayer/jupyter-react (=0.9.5) potentially affected by CVE-2026-42557 via @jupyterlab/markdownviewer-extension (=4.1.0-beta.0)

@jupyterlab/markdownviewer-extension NPM version =4.1.0-beta.0 is affected by a known vulnerability. The following packages have a transitive dependency on @jupyterlab/markdownviewer-extension and may be impacted: - @datalayer/jupyter-react =0.9.5 Source cves: CVE-2026-42557 Source advisory:...

@datalayer/jupyter-react (>=0.0.6 <=0.9.5), @jupyter-notebook/lab-extension (>=7.1.0 <=7.4.7) +9 more potentially affected by CVE-2026-42557 via @jupyterlab/notebook (>=4.0.0-alpha.11 <=4.5.1)

@jupyterlab/notebook NPM version =4.0.0-alpha.11, =0.0.6, =7.1.0, =7.1.0, =0.0.23, =5.3.6, =1.0.0, =1.4.0 Source cves: CVE-2026-42557 Source advisory: SNYK:JS-JUPYTERLABNOTEBOOK-16438957...

@datalayer/jupyter-react (>=0.0.6 <=0.9.5), @fails-components/jupyter-applet-view (>=0.0.1-alpha.3 <=0.0.4) +21 more potentially affected by CVE-2026-42557 via @jupyterlab/apputils (>=4.0.0-alpha.11 <=4.5.10)

@jupyterlab/apputils NPM version =4.0.0-alpha.11, =0.0.6, =0.0.1-alpha.3, =0.0.1-alpha.3, =0.0.1-alpha.3, =0.0.1-alpha.3, =7.1.0, =7.1.0, =7.1.0, =7.1.0, =7.1.0, =7.1.0, =0.2.0, =0.6.0, =0.6.0, =0.6.0-alpha.3, =0.6.0-alpha.9 and more Source cves: CVE-2026-42557 Source advisory:...

@fails-components/jupyter-applet-view (>=0.0.1-alpha.3 <=0.0.1-alpha.18), @fails-components/jupyter-filesystem-extension (>=0.0.1-alpha.3 <=0.0.1-alpha.18) +3 more potentially affected by CVE-2026-42557 via @jupyterlab/help-extension (>=4.0.13 <=4.4.10)

@jupyterlab/help-extension NPM version =4.0.13, =0.0.1-alpha.3, =0.0.1-alpha.3, =0.0.1-alpha.3, =0.0.1-alpha.3, =0.2.0, =0.6.0-alpha.9 Source cves: CVE-2026-42557 Source advisory: SNYK:JS-JUPYTERLABHELPEXTENSION-16438961...

a-mailx (=0.1.0), aaa-ml-datasets-course (=1.0.0) +105 more potentially affected by CVE-2026-42557 via notebook (>=7.0.0 <=7.5.5)

notebook PYPI version =7.0.0, =0.0.7, =1.0.1, =0.1.0, =1.6.4, =0.1.0, =0.0.1, =0.1.0, =0.0.1, =0.1.8, =0.0.2, =0.0.6 - compare-my-stocks =1.0.5 and more Source cves: CVE-2026-42557 Source advisory: OSV:GHSA-MQCG-5X36-VFCG...

@datalayer/jupyter-react (>=0.0.6 <=0.9.5), @mrawdon/jupyter-react (>=0.0.23 <=0.0.32) potentially affected by CVE-2026-42557 via @jupyterlab/rendermime-extension (>=4.0.0-alpha.11 <=4.1.0-beta.0)

@jupyterlab/rendermime-extension NPM version =4.0.0-alpha.11, =0.0.6, =0.0.23, =0.0.32 Source cves: CVE-2026-42557 Source advisory: SNYK:JS-JUPYTERLABRENDERMIMEEXTENSION-16438958...

EUVD-2025-42557

Malicious code in putra-keripik22-riris npm...

CVE-2024-42557

A Cross-Site Request Forgery CSRF in the component adminmodifyroom.php of Hotel Management System commit 91caab8 allows attackers to escalate privileges...

CVE-2023-42557

Out-of-bound write vulnerability in libIfaaCa prior to SMR Dec-2023 Release 1 allows local system attackers to execute arbitrary code...

CVE-2024-42557

A Cross-Site Request Forgery CSRF in the component adminmodifyroom.php of Hotel Management System commit 91caab8 allows attackers to escalate privileges...

CVE-2024-42557

A Cross-Site Request Forgery CSRF in the component adminmodifyroom.php of Hotel Management System commit 91caab8 allows attackers to escalate privileges...

CVE-2024-42557

CVE-2024-42557 : The issue is a Cross-Site Request Forgery in the Hotel Management System’s component admin_modify_room.php tracked to commit 91caab8 , enabling privilege escalation. Connected sources confirm the vulnerability across multiple trackers (NVD/Red Hat/CVE list/CNNVD/PT-2024-30016, et...

CVE-2023-42557

creationtimestamp| type| source ---|---|--- 2023-12-24 10:11:47+00:00| seen| https://t.me/ctinow/158981...

CVE-2023-42557

Out-of-bound write vulnerability in libIfaaCa prior to SMR Dec-2023 Release 1 allows local system attackers to execute arbitrary code...

CVE-2023-42557

The CVE-2023-42557 issue affects libIfaaCa prior to Samsung SMR Dec-2023 Release 1. It is described as an out-of-bounds write that enables local attackers to execute arbitrary code. Affected software/component: libIfaaCa; root cause: out-of-bounds write; impact: local code execution with HIGH con...