# CVE-2026-39377: Arbitrary File Write via Path Traversal in Cell Attachment Filenames
## Affected Systems

| Package | Ecosystem | Vulnerable Range | Patched |
|---|---|---|---|
| nbconvert | pip | >= 6.5.0, < 7.17.1 | 7.17.1 |
## Recommended Action

A patch is available: update nbconvert to version 7.17.1.
## Frequently Asked Questions
### What is CVE-2026-39377?

CVE-2026-39377 is an arbitrary file write via path traversal in cell attachment filenames in nbconvert.
### Is CVE-2026-39377 actively exploited?

No confirmed active exploitation of CVE-2026-39377 has been reported, but organizations should still patch proactively.
### How to fix CVE-2026-39377?

Update to the patched version, nbconvert 7.17.1.
### What is the CVSS score for CVE-2026-39377?

CVE-2026-39377 has a CVSS v3.1 base score of 6.5 (MEDIUM).
## Technical Details

### NVD Description

Arbitrary File Write via Path Traversal in Cell Attachment Filenames

#### Summary

nbconvert allows arbitrary file writes to locations outside the intended output directory when processing notebooks containing crafted cell attachment filenames. The `ExtractAttachmentsPreprocessor` passes attachment filenames directly to the filesystem without sanitization, enabling path traversal attacks. This vulnerability provides complete control over both the destination path and file extension.

#### Impact

This vulnerability allows writing files with arbitrary content to arbitrary filesystem locations, limited only by the permissions of the process running nbconvert. The attacker controls:

- Full destination path (via `../` traversal)
- Filename
- File extension
- File content

#### Patches

- Upgrade to nbconvert v7.17.1.

#### Workarounds

Disable `ExtractAttachmentsPreprocessor` by setting, in the nbconvert traitlets configuration (e.g. `jupyter_nbconvert_config.py`):

```python
c.ExtractAttachmentsPreprocessor.enabled = False
```
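The advisory's root cause is that an attachment name chosen by the notebook author is used as a filesystem path. The following is an added example (not nbconvert's own code or fix) of the two defender-side checks that close that gap: a strict name policy that only accepts a plain filename with an image extension, a generic containment check that resolves the name under the output directory and rejects anything that lands outside it, and a scanner that flags offending attachments in a notebook before conversion. The extension allow-list, the name pattern and the sample notebook are constructed assumptions.

```python
import json
import re
from pathlib import Path

# Policy: an attachment name must be a single path component (no separators,
# no "." or ".."), start with an alphanumeric, and carry an image extension.
# The extension allow-list is a constructed example, not an nbconvert setting.
ALLOWED_EXT = {".png", ".jpg", ".jpeg", ".gif", ".svg"}
SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9 ._-]*$")

def is_safe_attachment_name(name: str) -> bool:
    """True if `name` is a plain filename that cannot steer the write location."""
    if "/" in name or "\\" in name or name in {".", ".."}:
        return False
    if not SAFE_NAME.match(name):
        return False
    return Path(name).suffix.lower() in ALLOWED_EXT

def resolve_inside(output_dir: str, name: str):
    """Resolve `name` under output_dir; return None if the result escapes it."""
    base = Path(output_dir).resolve()
    # Joining with an absolute name replaces `base`, and resolve() follows
    # symlinks, so both cases end up outside `base` and are rejected here.
    target = (base / name).resolve()
    return target if base in target.parents else None

def find_unsafe_attachments(notebook_json: str):
    """Return (cell_index, attachment_name) pairs that violate the name policy."""
    nb = json.loads(notebook_json)
    findings = []
    for idx, cell in enumerate(nb.get("cells", [])):
        for name in cell.get("attachments", {}):
            if not is_safe_attachment_name(name):
                findings.append((idx, name))
    return findings

# Constructed sample notebook: one benign attachment, one traversal name.
SAMPLE_NOTEBOOK = json.dumps({
    "cells": [
        {"cell_type": "markdown", "source": "![c](attachment:chart.png)",
         "attachments": {"chart.png": {"image/png": "iVBORw0KGgo="}}},
        {"cell_type": "markdown", "source": "![x](attachment:x)",
         "attachments": {"../../outside.html": {"text/html": "PGI+aGk8L2I+"}}},
    ],
    "metadata": {}, "nbformat": 4, "nbformat_minor": 5,
})
```

Running `find_unsafe_attachments(SAMPLE_NOTEBOOK)` reports the second cell's `../../outside.html` attachment; `resolve_inside` is the check to apply at the moment of writing, since it also rejects absolute names and symlink escapes that a name-only policy does not see.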
## CVSS Vector

`CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N`
## Related Vulnerabilities

- CVE-2018-8768 (7.8): Jupyter Notebook: XSS via malicious .ipynb file
- CVE-2026-39378 (6.5): analysis pending (same package: notebook)
- CVE-2018-21030 (5.3): Jupyter Notebook: XSS via missing CSP on served files (same package: notebook)
- GHSA-2679-6mx9-h9xc: Marimo: pre-auth RCE via terminal WebSocket (same package: notebook)