Lucene search
K

4216 matches found

OSV
OSV
added 2026/05/11 5:41 a.m.5 views

BIT-JUPYTER-BASE-NOTEBOOK-2026-40171 Jupyter Notebook and JupyterLab token theft via stored XSS in help command linker

In Jupyter Notebook versions 7.0.0 through 7.5.5, JupyterLab versions 4.5.6 and earlier, and the corresponding @jupyter-notebook/help-extension and @jupyterlab/help-extension packages before 7.5.6 and 4.5.7, a stored cross-site scripting issue in the help command linker can be chained with...

8.4CVSS6AI score0.00476EPSS
Exploits0References2
OSV
OSV
added 2026/05/11 12:0 a.m.7 views

OPENSUSE-SU-2026:10748-1 jupyter-jupyterlab-4.5.7-1.1 on GA media

These are all security issues fixed in the jupyter-jupyterlab-4.5.7-1.1 package on the GA media of openSUSE Tumbleweed...

9.6CVSS5.8AI score0.0053EPSS
Exploits0References3
OSV
OSV
added 2026/05/08 11:2 p.m.13 views

GHSA-3258-QMV8-FRP3 free5GC's SMF UPI management interface lacks auth middleware; unauthenticated topology read/write requests reach handlers

Summary free5GC's SMF mounts the UPI management route group without OAuth2/bearer-token authorization middleware. A network attacker who can reach SMF on the SBI can hit UPI endpoints with no Authorization header at all, and the requests reach the SMF business handlers. In the running Docker lab...

10CVSS5.8AI score0.00331EPSS
Exploits1References6
GithubExploit
GithubExploit
added 2026/05/08 1:41 p.m.130 views

dirtyfrag-lab

DirtyFrag Detection Lab A self-contained detection engineerin...

7.8CVSS6.1AI score0.96267EPSS
Exploits230
GithubExploit
GithubExploit
added 2026/05/08 1:7 p.m.160 views

Exploit for CVE-2026-3844

CVE-2026-3844 — Breeze Cache Unauthenticated Arbitrary File Up...

9.8CVSS6.5AI score0.36512EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-40171

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Jupyter Notebook versions 7.0.0 through 7.5.5, JupyterLab versions 4.5.6 and earlier, and the corresponding @jupyter-notebook/help-extension and...

8.4CVSS6.3AI score0.00476EPSS
Exploits0References3
OSV
OSV
added 2026/05/06 8:16 p.m.5 views

DEBIAN-CVE-2026-40171

In Jupyter Notebook versions 7.0.0 through 7.5.5, JupyterLab versions 4.5.6 and earlier, and the corresponding @jupyter-notebook/help-extension and @jupyterlab/help-extension packages before 7.5.6 and 4.5.7, a stored cross-site scripting issue in the help command linker can be chained with...

8.4CVSS6AI score0.00476EPSS
Exploits0References1
NVD
NVD
added 2026/05/06 8:16 p.m.32 views

CVE-2026-40171

In Jupyter Notebook versions 7.0.0 through 7.5.5, JupyterLab versions 4.5.6 and earlier, and the corresponding @jupyter-notebook/help-extension and @jupyterlab/help-extension packages before 7.5.6 and 4.5.7, a stored cross-site scripting issue in the help command linker can be chained with...

8.4CVSS0.00476EPSS
Exploits0References1
CVE
CVE
added 2026/05/06 7:36 p.m.19 views

CVE-2026-40171

CVE-2026-40171 affects Jupyter components prior to fixes: Notebook 7.0.0–7.5.5, JupyterLab up to 4.5.6, and related help extensions (@jupyter-notebook/help-extension, @jupyterlab/help-extension). The root cause is a stored XSS in the CommandLinker used by the Help Extension, which can be chained ...

8.4CVSS6AI score0.00476EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/06 7:36 p.m.33 views

CVE-2026-40171 Jupyter Notebook and JupyterLab token theft via stored XSS in help command linker

In Jupyter Notebook versions 7.0.0 through 7.5.5, JupyterLab versions 4.5.6 and earlier, and the corresponding @jupyter-notebook/help-extension and @jupyterlab/help-extension packages before 7.5.6 and 4.5.7, a stored cross-site scripting issue in the help command linker can be chained with...

8.4CVSS0.00476EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/06 7:36 p.m.6 views

CVE-2026-40171

In Jupyter Notebook versions 7.0.0 through 7.5.5, JupyterLab versions 4.5.6 and earlier, and the corresponding @jupyter-notebook/help-extension and @jupyterlab/help-extension packages before 7.5.6 and 4.5.7, a stored cross-site scripting issue in the help command linker can be chained with...

8.4CVSS6AI score0.00476EPSS
Exploits0References2Affected Software3
OSV
OSV
added 2026/05/06 7:36 p.m.1 views

CVE-2026-40171 Jupyter Notebook and JupyterLab token theft via stored XSS in help command linker

In Jupyter Notebook versions 7.0.0 through 7.5.5, JupyterLab versions 4.5.6 and earlier, and the corresponding @jupyter-notebook/help-extension and @jupyterlab/help-extension packages before 7.5.6 and 4.5.7, a stored cross-site scripting issue in the help command linker can be chained with...

8.4CVSS6.1AI score0.00476EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/05/06 12:17 a.m.87 views

Exploit for SQL Injection in Progress Moveit_Cloud

CVE-2023-34362 MOVEit Transfer Vulnerability Analysis Proj...

9.8CVSS5.9AI score0.99934EPSS
Exploits15
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.16 views

Jupyter多款产品 跨站脚本漏洞

Jupyter Notebook is an open-source web application developed by Project Jupyter, designed for creating and sharing code along with explanatory text documents. JupyterLab is another open-source project developed by JupyterLab, offering an extensible environment for interactive and reproducible...

8.4CVSS5.8AI score0.00476EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.9 views

eLabFTW 安全漏洞

eLabFTW is an open-source experimental data hosting platform developed by eLabFTW. This platform runs on the Linux system and supports the storage of various types of objects. Versions of eLabFTW 5.4.1 and earlier contain security vulnerabilities. These vulnerabilities stem from the login process...

5.9CVSS5.9AI score0.00254EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/05/04 5:37 p.m.210 views

Exploit for Heap-based Buffer Overflow in Postgresql

CVE-2026-2005 — PostgreSQL pgcrypto Heap Overflow Lab A self-...

8.8CVSS6.5AI score0.01208EPSS
Exploits3
GithubExploit
GithubExploit
added 2026/05/04 10:54 a.m.173 views

Exploit for Missing Authentication for Critical Function in Coreweave Marimo

CVE-2026-39987 — marimo Pre-Auth Terminal WebSocket RCE Lab...

9.8CVSS7.9AI score0.95645EPSS
Exploits11
GithubExploit
GithubExploit
added 2026/05/04 10:54 a.m.130 views

Exploit for Missing Authentication for Critical Function in Coreweave Marimo

CVE-2026-39987 — marimo Pre-Auth Terminal WebSocket RCE Lab...

9.8CVSS7.9AI score0.95645EPSS
Exploits11
GithubExploit
GithubExploit
added 2026/05/04 3:47 a.m.86 views

Exploit for Out-of-bounds Write in Zeromq Libzmq

CVE-2019-13132 — libzmq CURVE INITIATE stack overflow → RCE la...

9.8CVSS7.6AI score0.42464EPSS
Exploits1
GithubExploit
GithubExploit
added 2026/05/03 8:46 p.m.100 views

dvwa-xss

Cross-Site Scripting XSS Attack & Analysis — DVWA A hands-o...

5.9AI score
Exploits0
Rows per page
Query Builder