| CVE-2026-42557 |
critical |
9.6 |
9.6 |
|
|
|
22d ago |
jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. Prior to 4.5.7, JupyterLab's HTML sanitizer allowlists data-commandlink… |
| CVE-2026-42266 |
high |
8.8 |
8.8 |
|
|
|
29d ago |
JupyterLab has an Extension Manager API/GUI Policy Discrepancy, allowing 3rd party (malicious) extensions install via POST request |
| CVE-2026-40171 |
high |
— |
8.0 |
|
|
|
28d ago |
In Jupyter Notebook versions 7.0.0 through 7.5.5, JupyterLab versions 4.5.6 and earlier, and the corresponding @jupyter-notebook/help-extension and @jupyterlab/help-extension packages before 7.5.6 an… |
| CVE-2021-32797 |
high |
— |
8.0 |
|
|
|
5y ago |
JupyterLab is a user interface for Project Jupyter which will eventually replace the classic Jupyter Notebook. In affected versions untrusted notebook can execute code on load. In particular JupyterL… |
