Package impact
PIP / notebook
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-42557 | high | — | 8.0 | 15d ago | JupyterLab's command linker attributes in HTML enable one-click command execution from untrusted content | |||
| CVE-2026-40171 | high | — | 8.0 | 22d ago | Jupyter Notebook Vulnerable to Authentication Token Theft via CommandLinker XSS |