Browse all 14 CVE security advisories affecting jupyter. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Jupyter serves as an interactive computing platform widely used for data analysis, machine learning, and scientific research. Historically, it has faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation and authentication flaws. Notable security characteristics include its web-based interface and notebook architecture, which can expose sensitive data if improperly configured. While no major public incidents have been widely documented, the 14 CVEs on record highlight ongoing security concerns, particularly around unauthorized access and code execution risks. Proper configuration and regular updates remain critical for secure deployment in production environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-39378 | nbconvert has an Arbitrary File Read via Path Traversal in HTMLExporter Image Embedding — nbconvertCWE-22 | 6.5 | Medium | 2026-04-21 |
| CVE-2026-39377 | nbconvert has an Arbitrary File Write via Path Traversal in Cell Attachment Filenames — nbconvertCWE-22 | 6.5 | Medium | 2026-04-21 |
| CVE-2025-53000 | nbconvert has an uncontrolled search path that leads to unauthorized code execution on Windows — nbconvertCWE-427 | 8.8AI | HighAI | 2025-12-17 |
| CVE-2021-32862 | nbconvert vulnerable to cross-site scripting (XSS) via multiple exploit paths — nbconvertCWE-79 | 7.5 | High | 2022-08-18 |
This page lists every published CVE security advisory associated with jupyter. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.