AI Threat Alert

Jupyter Notebook Vulnerabilities

pip AI Tools

32

Risk Score

11

Total CVEs

2

Critical

pip

Ecosystem

May 12, 2026

Last CVE

75%

Patch Rate

452d

Avg Time to Patch

13,148 stars 5,668 forks 1,916 issues 2,942 dependents Last push May 13, 2026

OpenSSF Scorecard 5.0/10

Known Vulnerabilities (11 total, page 1 of 1)

Severity CVE ID Summary CVSS Published

CRITICAL CVE-2026-44650 SillyTavern: unauth path traversal wipes extensions 9.1 May 12, 2026 HIGH CVE-2026-42557 JupyterLab: one-click RCE via notebook HTML cell output -- May 6, 2026 HIGH CVE-2026-42266 JupyterLab: Extension allow-list bypass enables privesc 8.8 May 5, 2026 MEDIUM CVE-2025-61669 jupyter-server: Open redirect enables credential phishing -- May 5, 2026 HIGH CVE-2026-35397 Jupyter Server: path traversal leaks sibling directories 7.1 May 5, 2026 HIGH CVE-2026-40171 Jupyter Notebook: stored XSS enables full account takeover -- Apr 30, 2026 MEDIUM CVE-2026-39377 nbconvert: path traversal enables arbitrary file write 6.5 Apr 21, 2026 MEDIUM CVE-2026-39378 nbconvert: path traversal exfiltrates files via HTML export 6.5 Apr 21, 2026 CRITICAL GHSA-2679-6mx9-h9xc Marimo: pre-auth RCE via terminal WebSocket -- Apr 8, 2026 HIGH CVE-2018-8768 Jupyter Notebook: XSS via malicious .ipynb file 7.8 Jul 12, 2018 MEDIUM CVE-2018-21030 Jupyter Notebook: XSS via missing CSP on served files 5.3 Nov 8, 2019

Monitor Jupyter Notebook in your stack

Get instant alerts when new vulnerabilities affect Jupyter Notebook. CISO analysis, ATLAS technique mappings, and compliance reports included.

Start Monitoring