
8 matches found

Positive Technologies
added 2026/05/06 12:0 a.m., 8 views

PT-2026-38276

Name of the Vulnerable Software and Affected Versions: JupyterLab versions prior to 4.5.7; Jupyter Notebook versions prior to 7.5.6. Description: The HTML sanitizer allowlists data-commandlinker-command and data-commandlinker-args on button elements. Because CommandLinker listens for all click events...

CVSS 9.6 | AI score 6.1 | EPSS 0.00061
Exploits: 0 | References: 19
Snyk
added 2026/04/21 2:8 a.m., 2 views

Directory Traversal

Overview: Affected versions of this package are vulnerable to Directory Traversal in the HTMLExporter.embedimages function. An attacker can access sensitive files on the conversion host by crafting malicious notebooks containing image references that perform path traversal, resulting in the files...

CVSS 6.9 | AI score 6.4 | EPSS 0.00039
Exploits: 0 | References: 2
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2018-0106

Malware in sbrugna...

CVSS 7.8 | AI score 7.5 | EPSS 0.0011
Exploits: 0 | References: 10
RedhatCVE
added 2025/05/22 6:37 p.m., 3 views

CVE-2021-32798

The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions, an untrusted notebook can execute code on load. Jupyter Notebook uses a deprecated version of Google Caja to sanitize user inputs. A public Caja bypass can be used to trigger an XSS when a victim...

CVSS 10 | AI score 6.9 | EPSS 0.00172
Exploits: 1 | References: 1
Tenable Nessus
added 2025/03/05 12:0 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2022-24758

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Jupyter notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.9, unauthorized actors can access sensitive information...

CVSS 7.5 | AI score 6.5 | EPSS 0.00567
Exploits: 0 | References: 2
OSV
added 2024/03/16 1:42 a.m., 11 views

MGASA-2024-0067 Updated jupyter-notebook packages fix security vulnerabilities

Path traversal in moment.locale (CVE-2022-24785). Inefficient parsing algorithm resulting in DoS (CVE-2022-31129)...

CVSS 7.5 | AI score 6.9 | EPSS 0.02872
Exploits: 1 | References: 5
OSV
added 2021/08/23 7:40 p.m., 0 views

GHSA-HWVQ-6GJX-J797 Special Element Injection in notebook

Impact: Untrusted notebook can execute code on load. This is a remote code execution, but requires user action to open a notebook. Patches: 5.7.11, 6.4.1. References: OWASP Page on Injection Prevention. For more information: If you have any questions or comments about this advisory, or vulnerabilities ...

CVSS 10 | AI score 7.4 | EPSS 0.00172
Exploits: 1 | References: 5
OSV
added 2018/03/18 6:29 a.m., 2 views

DEBIAN-CVE-2018-8768

In Jupyter Notebook before 5.4.1, a maliciously forged notebook file can bypass sanitization to execute JavaScript in the notebook context. Specifically, invalid HTML is 'fixed' by jQuery after sanitization, making it dangerous...

CVSS 7.8 | AI score 7.4 | EPSS 0.0011
Exploits: 0 | References: 1