3 matches found
CVE-2026-28201
Open Notebook v1.8.1 is affected by CVE-2026-28201 due to improper input validation and a permissive default CORS policy. A remote attacker can trick a legitimate user into altering or deleting arbitrary database entries via a specially crafted URL, with data exfiltration possible depending on de...
Jupyter多款产品 跨站脚本漏洞
Jupyter Notebook is an open-source web application developed by Project Jupyter, designed for creating and sharing code along with explanatory text documents. JupyterLab is another open-source project developed by JupyterLab, offering an extensible environment for interactive and reproducible...
GHSA-V7VQ-3X77-87VG Token bruteforcing.
Impact What kind of vulnerability is it? Who is impacted? Authenticated requests to the notebook server with ContentsManager.allowhidden = False only prevented listing the contents of hidden directories, not accessing individual hidden files or files in hidden directories i.e. hidden files were...