Notebook
This hub aggregates every CVE we track for Notebook, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.
23
CVEs tracked
2
Critical
5
High
0
In CISA KEV
Severity distribution
MEDIUM16HIGH5CRITICAL2
Monthly trend
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Notebook.
- CVE-2026-42557jupyterlab: Command linker attributes in HTML enable one-click command execution from untrusted content9.6
- CVE-2024-43805HTML injection in Jupyter Notebook and JupyterLab leading to DOM Clobbering7.6
- CVE-2024-22420Stored cross site scripting in Markdown Preview in JupyterLab6.5
- CVE-2024-22421Potential authentication and CSRF tokens leak in JupyterLab7.6
- CVE-2022-3746A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to cause some peripherals to work abnormall...6.7
- CVE-2022-3745A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to view incoming and returned data from SMI.4.4
- CVE-2022-3744A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to unlock UEFI variables due to a hard-code...6.7
- CVE-2022-3743A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges under certain conditions the ability to enu...4.4
- CVE-2022-3742A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to execute arbitrary code due to improper b...6.7
- CVE-2022-29238Forced Browsing in Jupyter Notebook4.3
- CVE-2022-24758Insertion of Sensitive Information into Log File affects Jupyter Notebook7.5
- CVE-2021-32798Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in notebook10.0
- CVE-2021-32797JupyterLab: XSS due to lack of sanitization of the action attribute of an html <form>7.4
- CVE-2020-26215Open redirect in Jupyter Notebook4.4
- CVE-2018-21030Jupyter Notebook before 5.5.0 does not use a CSP header to treat served files as belonging to a separate origin. Thus, for example, an XSS payload can be placed in an SVG document.5.3
Product normalization is registry-driven with AI assist and human review. How it works