134 matches found
BIT-JUPYTERLAB-2026-42266 JupyterLab has an Extension Manager API/GUI Policy Discrepancy allowing 3rd party (malicious) extensions install via POST request.
JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. From 4.0.0 to 4.5.6, the allow-list of extensions that can be installed from PyPI Extension Manager allowedextensionsuris is not correctly enforced by JupyterLab. The Py...
SUSE CVE-2026-42266
JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. From 4.0.0 to 4.5.6, the allow-list of extensions that can be installed from PyPI Extension Manager allowedextensionsuris is not correctly enforced by JupyterLab. The Py...
CVE-2026-42266
JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. From 4.0.0 to 4.5.6, the allow-list of extensions that can be installed from PyPI Extension Manager allowedextensionsuris is not correctly enforced by JupyterLab. The Py...
DEBIAN-CVE-2026-42266
JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. From 4.0.0 to 4.5.6, the allow-list of extensions that can be installed from PyPI Extension Manager allowedextensionsuris is not correctly enforced by JupyterLab. The Py...
PYSEC-2026-164
JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. From 4.0.0 to 4.5.6, the allow-list of extensions that can be installed from PyPI Extension Manager allowedextensionsuris is not correctly enforced by JupyterLab. The Py...
PYSEC-2026-164
JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. From 4.0.0 to 4.5.6, the allow-list of extensions that can be installed from PyPI Extension Manager allowedextensionsuris is not correctly enforced by JupyterLab. The Py...
CVE-2026-42266
JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. From 4.0.0 to 4.5.6, the allow-list of extensions that can be installed from PyPI Extension Manager allowedextensionsuris is not correctly enforced by JupyterLab. The Py...
UBUNTU-CVE-2026-42266
JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. From 4.0.0 to 4.5.6, the allow-list of extensions that can be installed from PyPI Extension Manager allowedextensionsuris is not correctly enforced by JupyterLab. The Py...
CVE-2026-42266 JupyterLab has an Extension Manager API/GUI Policy Discrepancy allowing 3rd party (malicious) extensions install via POST request.
JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. From 4.0.0 to 4.5.6, the allow-list of extensions that can be installed from PyPI Extension Manager allowedextensionsuris is not correctly enforced by JupyterLab. The Py...
CVE-2026-42266 JupyterLab has an Extension Manager API/GUI Policy Discrepancy allowing 3rd party (malicious) extensions install via POST request.
JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. From 4.0.0 to 4.5.6, the allow-list of extensions that can be installed from PyPI Extension Manager allowedextensionsuris is not correctly enforced by JupyterLab. The Py...
CVE-2026-42266
JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. From 4.0.0 to 4.5.6, the allow-list of extensions that can be installed from PyPI Extension Manager allowedextensionsuris is not correctly enforced by JupyterLab. The Py...
CVE-2026-42266
JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. From 4.0.0 to 4.5.6, the allow-list of extensions that can be installed from PyPI Extension Manager allowedextensionsuris is not correctly enforced by JupyterLab. The Py...
CVE-2026-42266
JupyterLab prior to 4.5.7 is affected: from 4.0.0 to 4.5.6 the allow-list for PyPI Extension Manager extensions could be bypassed, as allowed_extensions_uris was not properly enforced and not confined to the default PyPI index. This could allow an authenticated attacker to install unapproved/mali...
JupyterLab 参数注入漏洞
JupyterLab is an open-source extension for interactive and reproducible computing environments, based on Jupyter Notebooks and their architecture. Versions 4.0.0 to 4.5.6 of JupyterLab contain a parameter injection vulnerability. This vulnerability arises from improper execution of the allowlist...
GHSA-37W4-HWHX-4RC4 JupyterLab has an Extension Manager API/GUI Policy Discrepancy, allowing 3rd party (malicious) extensions install via POST request
The allow-list of extensions that can be installed from PyPI Extension Manager allowedextensionsuris is not correctly enforced by JupyterLab prior to 4.5.7. The PyPI Extension Manager was not contained to packages listed on the default PyPI index. This has security implications for deployments...
JupyterLab has an Extension Manager API/GUI Policy Discrepancy, allowing 3rd party (malicious) extensions install via POST request
The allow-list of extensions that can be installed from PyPI Extension Manager allowedextensionsuris is not correctly enforced by JupyterLab prior to 4.5.7. The PyPI Extension Manager was not contained to packages listed on the default PyPI index. This has security implications for deployments...
PT-2026-37256
Name of the Vulnerable Software and Affected Versions JupyterLab versions prior to 4.5.7 Description The PyPI Extension Manager does not correctly enforce the allowed extensions uris allow-list, allowing the installation of packages not listed on the default PyPI index. This issue affects...
(0Day) Docker Desktop extension-manager Exposed Dangerous Function Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop for Windows. An attacker must first obtain the ability to execute high-privileged code within the container in order to exploit this vulnerability. The specific flaw exists within the the...
ComfyUI-Manager CRLF Injection Vulnerability
ComfyUI is a popular node-based Stable Diffusion GUI widely used for building and executing AI image generation workflows.ComfyUI-Manager is an extension manager plugin for ComfyUI to simplify the management of installations of custom nodes, models and dependencies. ComfyUI-Manager suffers from a...
EUVD-2010-3154
Malware in sbrugna...