Jupyterlab
This hub aggregates every CVE we track for Jupyterlab, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
8
CVEs tracked
2
Critical
4
High
0
In CISA KEV
Severity distribution
HIGH4MEDIUM2CRITICAL2
Monthly trend
1
1
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
2
0
2024-072026-06
Latest CVEs
The 8 most recently published vulnerabilities affecting Jupyterlab.
- CVE-2026-42266JupyterLab has an Extension Manager API/GUI Policy Discrepancy allowing 3rd party (malicious) extensions install via POST request.8.8
- CVE-2026-42557jupyterlab: Command linker attributes in HTML enable one-click command execution from untrusted content9.6
- CVE-2025-59842JupyterLab LaTeX typesetter links did not enforce `noopener` attribute4.3
- CVE-2024-43805HTML injection in Jupyter Notebook and JupyterLab leading to DOM Clobbering7.6
- CVE-2024-39700Remote Code Execution (RCE) vulnerability in jupyterlab extension template `update-integration-tests` GitHub Action9.9
- CVE-2024-22420Stored cross site scripting in Markdown Preview in JupyterLab6.5
- CVE-2024-22421Potential authentication and CSRF tokens leak in JupyterLab7.6
- CVE-2021-32797JupyterLab: XSS due to lack of sanitization of the action attribute of an html <form>7.4
Product normalization is registry-driven with AI assist and human review. How it works