Package impact
PyPI / jupyterlab
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-42266 | high | 8.8 | 8.8 | 23d ago | JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. From 4.0.0 to 4.5.6, the allow-list of extensions that can be installed… | |||
| CVE-2026-42557 | high | — | 8.0 | 15d ago | JupyterLab's command linker attributes in HTML enable one-click command execution from untrusted content | |||
| CVE-2026-40171 | high | — | 8.0 | 22d ago | Jupyter Notebook Vulnerable to Authentication Token Theft via CommandLinker XSS | |||
| CVE-2021-32797 | high | — | 8.0 | 5y ago | JupyterLab is a user interface for Project Jupyter which will eventually replace the classic Jupyter Notebook. In affected versions untrusted notebook can execute code on load. In particular JupyterL… |