AI Threat Alert

Jupyter Vulnerabilities

pip AI Tools

28

Risk Score

10

Total CVEs

1

Critical

pip

Ecosystem

May 6, 2026

Last CVE

69%

Patch Rate

0d

Avg Time to Patch

13,148 stars 5,668 forks 1,916 issues 1,864 dependents Last push May 13, 2026

OpenSSF Scorecard 5.0/10

Known Vulnerabilities (10 total, page 1 of 1)

Severity CVE ID Summary CVSS Published

HIGH CVE-2026-42557 JupyterLab: one-click RCE via notebook HTML cell output -- May 6, 2026 HIGH CVE-2026-33079 mistune: ReDoS exposes Jupyter/AI services to DoS -- May 6, 2026 HIGH CVE-2026-42266 JupyterLab: Extension allow-list bypass enables privesc 8.8 May 5, 2026 MEDIUM CVE-2025-61669 jupyter-server: Open redirect enables credential phishing -- May 5, 2026 HIGH CVE-2026-35397 Jupyter Server: path traversal leaks sibling directories 7.1 May 5, 2026 HIGH CVE-2026-40110 Jupyter Server: CORS bypass via regex anchor omission -- May 5, 2026 MEDIUM CVE-2026-40934 jupyter-server: auth cookie survives password reset 6.8 May 5, 2026 MEDIUM CVE-2026-40864 JupyterHub: CSRF bypass on spawn and share endpoints 5.4 May 5, 2026 HIGH CVE-2026-40171 Jupyter Notebook: stored XSS enables full account takeover -- Apr 30, 2026 CRITICAL CVE-2025-32428 jupyter-remote-desktop-proxy: VNC network exposure -- Apr 12, 2025

Monitor Jupyter in your stack

Get instant alerts when new vulnerabilities affect Jupyter. CISO analysis, ATLAS technique mappings, and compliance reports included.

Start Monitoring