Lucene search
K

5 matches found

NVD
NVD
added 2026/06/26 10:16 a.m.9 views

CVE-2026-6658

A vulnerability in jupyter/nbconvert versions tag. This vulnerability impacts any server using nbconvert to render notebooks as HTML, allowing attackers to execute arbitrary JavaScript in the context of users viewing the HTML export...

5.4CVSS0.00134EPSS
Exploits0References1
OSV
OSV
added 2026/06/26 10:16 a.m.4 views

UBUNTU-CVE-2026-6658

A vulnerability in jupyter/nbconvert versions tag. This vulnerability impacts any server using nbconvert to render notebooks as HTML, allowing attackers to execute arbitrary JavaScript in the context of users viewing the HTML export...

5.4CVSS6AI score0.00134EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/26 9:40 a.m.37 views

CVE-2026-6658 Cross-site Scripting (XSS) in jupyter/nbconvert

A vulnerability in jupyter/nbconvert versions tag. This vulnerability impacts any server using nbconvert to render notebooks as HTML, allowing attackers to execute arbitrary JavaScript in the context of users viewing the HTML export...

5.4CVSS0.00134EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 9:40 a.m.6 views

CVE-2026-6658

A vulnerability in jupyter/nbconvert versions = 7.17.0 allows for Cross-site Scripting XSS via unsanitized text/vnd.mermaid output in HTML exports. The datamermaid block in share/templates/lab/base.html.j2 renders text/vnd.mermaid cell output directly into HTML without escaping, enabling attacker...

5.4CVSS6.3AI score0.00134EPSS
Exploits0References2
CVE
CVE
added 2026/06/26 9:40 a.m.13 views

CVE-2026-6658

The CVE-2026-6658 issue affects jupyter/nbconvert versions <= 7.17.0. The vulnerability arises because the data_mermaid block in share/templates/lab/base.html.j2 renders text/vnd.mermaid cell output directly into HTML without escaping, enabling Cross-site Scripting (XSS) by breaking out of the...

5.4CVSS6.3AI score0.00134EPSS
Exploits0References1
Rows per page
Query Builder