2 matches found
PT-2026-37256
Name of the Vulnerable Software and Affected Versions JupyterLab versions prior to 4.5.7 Description The PyPI Extension Manager does not correctly enforce the allowed extensions uris allow-list, allowing the installation of packages not listed on the default PyPI index. This issue affects...
CVE-2026-27895 LAM has incorrect regular expression in PDF export component that allows user to upload files of any type
LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. Prior to version 9.5, the PDF export component does not correctly validate uploaded file extensions. This way any file type including .php files can be uploaded. With...