420 matches found
CVE-2026-49384
In JetBrains PyCharm before 2025.3.4 stored XSS in Jupyter notebook Markdown cells was possible...
CVE-2026-40171
In Jupyter Notebook versions 7.0.0 through 7.5.5, JupyterLab versions 4.5.6 and earlier, and the corresponding @jupyter-notebook/help-extension and @jupyterlab/help-extension packages before 7.5.6 and 4.5.7, a stored cross-site scripting issue in the help command linker can be chained with...
JetBrains PyCharm < 2025.3.4 Stored XSS
According to its self-reported version, the JetBrains PyCharm installation on the remote host is prior to 2025.3.4. It is, therefore, affected by a stored cross-site scripting XSS vulnerability in Jupyter notebook Markdown cells. In JetBrains PyCharm before 2025.3.4 stored XSS in Jupyter notebook...
CVE-2026-49384
JetBrains PyCharm before 2025.3.4 is affected by a stored XSS vulnerability in Jupyter notebook Markdown cells. The CVE notes untrusted content in Markdown cells can be rendered, enabling potential script execution. Supported data: CVSS 3.1 base score 6.1 (Network attack vector, required user int...
CVE-2026-49384
In JetBrains PyCharm before 2025.3.4 stored XSS in Jupyter notebook Markdown cells was possible...
CVE-2026-49384
In JetBrains PyCharm before 2025.3.4 stored XSS in Jupyter notebook Markdown cells was possible...
EUVD-2026-33392
In JetBrains PyCharm before 2025.3.4 stored XSS in Jupyter notebook Markdown cells was possible...
CVE-2026-49384
In JetBrains PyCharm before 2025.3.4 stored XSS in Jupyter notebook Markdown cells was possible...
PT-2026-44964
Name of the Vulnerable Software and Affected Versions JetBrains PyCharm versions prior to 2025.3.4 Description Stored Cross-Site Scripting XSS is possible within Jupyter notebook Markdown cells. Cross-Site Scripting is a type of security flaw where malicious scripts are injected into trusted...
Astra Linux - уязвимость в jupyter-notebook
The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions, untrusted notebooks may execute code upon loading. Jupyter Notebook uses a deprecated version of Google Caja to sanitize user inputs. A public Caja bypass can be exploited to trigger XSS...
BIT-JUPYTERLAB-2026-40171 Jupyter Notebook and JupyterLab token theft via stored XSS in help command linker
In Jupyter Notebook versions 7.0.0 through 7.5.5, JupyterLab versions 4.5.6 and earlier, and the corresponding @jupyter-notebook/help-extension and @jupyterlab/help-extension packages before 7.5.6 and 4.5.7, a stored cross-site scripting issue in the help command linker can be chained with...
BIT-JUPYTER-NOTEBOOK-2026-40171 Jupyter Notebook and JupyterLab token theft via stored XSS in help command linker
In Jupyter Notebook versions 7.0.0 through 7.5.5, JupyterLab versions 4.5.6 and earlier, and the corresponding @jupyter-notebook/help-extension and @jupyterlab/help-extension packages before 7.5.6 and 4.5.7, a stored cross-site scripting issue in the help command linker can be chained with...
BIT-JUPYTER-BASE-NOTEBOOK-2026-40171 Jupyter Notebook and JupyterLab token theft via stored XSS in help command linker
In Jupyter Notebook versions 7.0.0 through 7.5.5, JupyterLab versions 4.5.6 and earlier, and the corresponding @jupyter-notebook/help-extension and @jupyterlab/help-extension packages before 7.5.6 and 4.5.7, a stored cross-site scripting issue in the help command linker can be chained with...
OPENSUSE-SU-2026:10749-1 jupyter-notebook-7.5.6-1.1 on GA media
These are all security issues fixed in the jupyter-notebook-7.5.6-1.1 package on the GA media of openSUSE Tumbleweed...
Jupyter Notebook Python Library 7.0.0 < 7.5.6 (CVE-2026-42557)
Jupyter Notebook is an extensible environment for interactive and reproducible computing. The version of Jupyter Notebook installed on the remote host is 7.0.0 prior to 7.5.6. It is, therefore, affected by a vulnerability: - JupyterLab's command linker attributes in HTML enable one-click command...
Linux Distros Unpatched Vulnerability : CVE-2026-40171
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Jupyter Notebook versions 7.0.0 through 7.5.5, JupyterLab versions 4.5.6 and earlier, and the corresponding @jupyter-notebook/help-extension and...
@datalayer/jupyter-react (>=0.0.6 <=0.9.5), @jupyter-notebook/application-extension (>=7.1.0 <=7.4.7) +3 more potentially affected by CVE-2026-42557 via @jupyterlab/rendermime (>=4.0.0-alpha.11 <=4.4.10)
@jupyterlab/rendermime NPM version =4.0.0-alpha.11, =0.0.6, =7.1.0, =0.0.23, =1.29.0, =1.30.0-rc1 Source cves: CVE-2026-42557 Source advisory: SNYK:JS-JUPYTERLABRENDERMIME-16438960...
@jupyter-notebook/application (>=7.2.0 <=7.4.7), @jupyterlite/application (>=0.4.0 <=0.6.4) +4 more potentially affected by CVE-2026-42557 via @jupyterlab/rendermime-interfaces (>=3.10.7 <=3.12.10)
@jupyterlab/rendermime-interfaces NPM version =3.10.7, =7.2.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.1.1, =0.2.2 Source cves: CVE-2026-42557 Source advisory: SNYK:JS-JUPYTERLABRENDERMIMEINTERFACES-16438959...
DEBIAN-CVE-2026-40171
In Jupyter Notebook versions 7.0.0 through 7.5.5, JupyterLab versions 4.5.6 and earlier, and the corresponding @jupyter-notebook/help-extension and @jupyterlab/help-extension packages before 7.5.6 and 4.5.7, a stored cross-site scripting issue in the help command linker can be chained with...
CVE-2026-40171
In Jupyter Notebook versions 7.0.0 through 7.5.5, JupyterLab versions 4.5.6 and earlier, and the corresponding @jupyter-notebook/help-extension and @jupyterlab/help-extension packages before 7.5.6 and 4.5.7, a stored cross-site scripting issue in the help command linker can be chained with...