Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

jupyter — Vulnerabilities & Security Advisories 14

Browse all 14 CVE security advisories affecting jupyter. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Jupyter serves as an interactive computing platform widely used for data analysis, machine learning, and scientific research. Historically, it has faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation and authentication flaws. Notable security characteristics include its web-based interface and notebook architecture, which can expose sensitive data if improperly configured. While no major public incidents have been widely documented, the 14 CVEs on record highlight ongoing security concerns, particularly around unauthorized access and code execution risks. Proper configuration and regular updates remain critical for secure deployment in production environments.

Top products by jupyter: notebook nbconvert jupyter_core jupyter_server nbdime nbgrader
CVE IDTitleCVSSSeverityPublished
CVE-2026-40171 Jupyter Notebook and JupyterLab token theft via stored XSS in help command linker — notebookCWE-79--2026-05-06
CVE-2026-39378 nbconvert has an Arbitrary File Read via Path Traversal in HTMLExporter Image Embedding — nbconvertCWE-22 6.5 Medium2026-04-21
CVE-2026-39377 nbconvert has an Arbitrary File Write via Path Traversal in Cell Attachment Filenames — nbconvertCWE-22 6.5 Medium2026-04-21
CVE-2025-53000 nbconvert has an uncontrolled search path that leads to unauthorized code execution on Windows — nbconvertCWE-427 8.8AIHighAI2025-12-17
CVE-2025-30167 Jupyter Core on Windows Has Uncontrolled Search Path Element Local Privilege Escalation Vulnerability — jupyter_coreCWE-427 7.3 High2025-06-03
CVE-2025-23205 `frame-ancestors: self` grants all users access to formgrader in nbgrader — nbgraderCWE-668 6.5 -2025-01-17
CVE-2022-39286 Execution with Unnecessary Privileges in JupyterApp — jupyter_coreCWE-269 8.8 High2022-10-26
CVE-2021-32862 nbconvert vulnerable to cross-site scripting (XSS) via multiple exploit paths — nbconvertCWE-79 7.5 High2022-08-18
CVE-2022-29238 Forced Browsing in Jupyter Notebook — notebookCWE-425 4.3 Medium2022-06-14
CVE-2022-24758 Insertion of Sensitive Information into Log File affects Jupyter Notebook — notebookCWE-532 7.5 High2022-03-31
CVE-2021-41134 Stored XSS in Jupyter nbdime — nbdimeCWE-79 8.7 High2021-11-03
CVE-2021-32798 Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in notebook — notebookCWE-79 10.0 Critical2021-08-09
CVE-2020-26232 Open redirect in Jupyter Server — jupyter_serverCWE-601 4.1 Medium2020-11-24
CVE-2020-26215 Open redirect in Jupyter Notebook — notebookCWE-601 4.4 Medium2020-11-18

This page lists every published CVE security advisory associated with jupyter. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.