Jupyter_server

This hub aggregates every CVE we track for Jupyter_server, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 12 most recently published vulnerabilities affecting Jupyter_server.

• CVE-2026-40934jupyter-server authentication cookies remain valid after password reset due to static cookie secret6.8May 5, 2026
• CVE-2026-40110jupyter-server CORS origin validation bypass via unanchored regex in allow_origin_pat7.3May 5, 2026
• CVE-2026-35397jupyter-server path traversal allows access to sibling directories sharing root_dir name prefix8.8May 5, 2026
• CVE-2025-61669jupyter_server next parameter open redirect can redirect users to external domains6.1May 5, 2026
• CVE-2024-35178Jupyter server on Windows discloses Windows user password hash7.5Jun 6, 2024
• CVE-2023-49080Jupyter Server errors include tracebacks with path information3.5Dec 4, 2023
• CVE-2023-39968Open Redirect Vulnerability in jupyter-server4.3Aug 28, 2023
• CVE-2023-40170cross-site inclusion (XSSI) of files in jupyter-server4.6Aug 28, 2023
• CVE-2022-29241Known or guessable hidden files may be accessed in Jupyter Server7.1Jun 14, 2022
• CVE-2022-24757Sensitive Auth & Cookie data stored in Jupyter server logs7.5Mar 23, 2022
• CVE-2020-26275Open redirect vulnerability6.1Dec 21, 2020
• CVE-2020-26232Open redirect in Jupyter Server4.1Nov 24, 2020