Jupyterhub
This hub aggregates every CVE we track for Jupyterhub, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
6
CVEs tracked
0
Critical
2
High
0
In CISA KEV
Severity distribution
MEDIUM3HIGH2LOW1
Monthly trend
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
2024-072026-06
Latest CVEs
The 6 most recently published vulnerabilities affecting Jupyterhub.
- CVE-2026-40864JupyterHub: Cross-origin form POSTs bypass XSRF5.4
- CVE-2024-41942JupyterHub has a privilege escalation vulnerability with the `admin:users` scope7.2
- CVE-2024-28233XSS in JupyterHub via Self-XSS leveraged by Cookie Tossing8.1
- CVE-2021-41247incomplete logout in JupyterHub3.5
- CVE-2020-36191JupyterHub 1.1.0 allows CSRF in the admin panel via a request that lacks an _xsrf field, as demonstrated by a /hub/api/user request (to add or remove a user account).4.5
- CVE-2019-10255An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.7 and some browsers (Chrome, Firefox) in JupyterHub before 0.9.5 allows crafted links to the login page, which will re...6.1
Product normalization is registry-driven with AI assist and human review. How it works