Package impact
PyPI / notebook
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-42557 | high | — | 8.0 | 15d ago | JupyterLab's command linker attributes in HTML enable one-click command execution from untrusted content | |
| CVE-2026-40171 | high | — | 8.0 | 22d ago | Jupyter Notebook Vulnerable to Authentication Token Theft via CommandLinker XSS | |
| CVE-2021-32798 | high | — | 8.0 | 5y ago | The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions untrusted notebook can execute code on load. Jupyter Notebook uses a deprecated version of Goo… | |
| CVE-2021-32797 | high | — | 8.0 | 5y ago | JupyterLab is a user interface for Project Jupyter which will eventually replace the classic Jupyter Notebook. In affected versions untrusted notebook can execute code on load. In particular JupyterL… |