FLAT-7XBQP (CVE-2026-44182)
OS Command Injection In jupyter_enterprise_gateway
9.1
Critical
Ecosystem: PyPI
Package: jupyter_enterprise_gateway
FLAT-ZQPVR (CVE-2026-44181)
Server side template injection In jupyter-enterprise-gateway
9.1
Critical
Ecosystem: PyPI
Package: jupyter-enterprise-gateway
FLAT-MD3C5 (CVE-2026-44180)
Lack of data validation In jupyter_enterprise_gateway
8.4
High
Ecosystem: PyPI
Package: jupyter_enterprise_gateway
FLAT-DGQ94 (CVE-2026-6657)
Lack of data validation In jupyter-server
4.0
Medium
Ecosystem: Debian
Package: jupyter-server
FLAT-K99KH (CVE-2026-5422)
Lack of data validation - Path Traversal In jupyter-server
8.1
High
Ecosystem: Debian
Package: jupyter-server
FLAT-O6GES (MAL-2026-5017)
Use of software with malware In @mlspace/env-jupyter-server
5.2
Medium
Ecosystem: Npm
Package: @mlspace/env-jupyter-server
FLAT-NFN5F (CVE-2026-44724)
Remote command execution In jupyterlab
5.8
Medium
Ecosystem: Debian
Package: jupyterlab
FLAT-1OCHT (CVE-2026-40864)
Cross-site request forgery In jupyterhub
1.3
Low
Ecosystem: Debian
Package: jupyterhub
FLAT-DX0WM (CVE-2026-42557)
Reflected cross-site scripting (XSS) In jupyterlab
6.1
Medium
Ecosystem: Debian
Package: jupyterlab
FLAT-T311I (CVE-2026-42266)
Lack of data validation In jupyterlab
6.1
Medium
Ecosystem: Debian
Package: jupyterlab
FLAT-WCN2N (CVE-2026-40171)
Server side cross-site scripting In jupyter-notebook
5.7
Medium
Ecosystem: Debian
Package: jupyter-notebook
FLAT-3WPK2 (CVE-2026-40934)
Session Fixation In jupyter-server
4.9
Medium
Ecosystem: Debian
Package: jupyter-server
FLAT-4UOG2 (CVE-2026-40110)
Server-side request forgery (SSRF) In jupyter-server
5.0
Medium
Ecosystem: Debian
Package: jupyter-server
FLAT-6V0GQ (CVE-2026-35397)
Lack of data validation - Path Traversal In jupyter-server
5.0
Medium
Ecosystem: Debian
Package: jupyter-server
FLAT-8S9W0 (CVE-2025-61669)
Uncontrolled external site redirect In jupyter-server
2.0
Low
Ecosystem: PyPI
Package: jupyter-server
FLAT-CNTPG (CVE-2018-19351)
Reflected cross-site scripting (XSS) In jupyter-notebook
1.2
Low
Ecosystem: Alpm
Package: jupyter-notebook
FLAT-A24KO (CVE-2018-19352)
Reflected cross-site scripting (XSS) In jupyter-notebook
1.2
Low
Ecosystem: Alpm
Package: jupyter-notebook
FLAT-NLM1P (CVE-2021-32797)
Reflected cross-site scripting (XSS) In jupyterlab
2.3
Low
Ecosystem: Alpm
Package: jupyterlab
FLAT-6ZTS1 (CVE-2021-32798)
Server side cross-site scripting In jupyter-notebook
7.7
High
Ecosystem: Alpm
Package: jupyter-notebook
FLAT-JYXBP (CVE-2026-33709)
Uncontrolled external site redirect In jupyterhub
1.2
Low
Ecosystem: Debian
Package: jupyterhub
FLAT-8FO1O (CVE-2026-34052)
Improper resource allocation In jupyterhub-ltiauthenticator
6.3
Medium
Ecosystem: PyPI
Package: jupyterhub-ltiauthenticator
FLAT-A0HMT (CVE-2026-26318)
Remote command execution In jupyterlab
5.8
Medium
Ecosystem: Debian
Package: jupyterlab
FLAT-HRHTG (CVE-2026-26280)
OS Command Injection In jupyterlab
5.9
Medium
Ecosystem: Debian
Package: jupyterlab
FLAT-O9X21 (CVE-2025-59842)
Reverse tabnabbing In jupyterlab
1.2
Low
Ecosystem: Debian
Package: jupyterlab
FLAT-JHWOS (MAL-2025-191697)
Use of software with malware In caas-jupyter-tools
5.2
Medium
Ecosystem: PyPI
Package: caas-jupyter-tools
FLAT-S3PDM (MAL-2025-6248)
Use of software with malware In foundry-jupyter-extension
5.2
Medium
Ecosystem: PyPI
Package: foundry-jupyter-extension
FLAT-AO4NU (CVE-2025-30167)
External control of file name or path In jupyter_core
2.0
Low
Ecosystem: PyPI
Package: jupyter_core
FLAT-H2U0J (CVE-2025-32428)
Sensitive information sent insecurely In jupyter-remote-desktop-proxy
6.1
Medium
Ecosystem: PyPI
Package: jupyter-remote-desktop-proxy
FLAT-NTV29 (CVE-2025-30370)
OS Command Injection In jupyterlab-git
0.8
Low
Ecosystem: PyPI
Package: jupyterlab-git
FLAT-ZFJXX (MAL-2025-2514)
Use of software with malware In jupyter-optmwidgets
5.2
Medium
Ecosystem: Npm
Package: jupyter-optmwidgets
FLAT-42L5O (MAL-2025-2086)
Use of software with malware In amazon-codewhisperer-jupyterlab-ext
5.2
Medium
Ecosystem: Npm
Package: amazon-codewhisperer-jupyterlab-ext
FLAT-15QNE (CVE-2023-25574)
Insufficient data authenticity validation In jupyterhub-ltiauthenticator
8.1
High
Ecosystem: PyPI
Package: jupyterhub-ltiauthenticator
FLAT-R4BHA (MAL-2025-66)
Use of software with malware In jupyter-binding
5.2
Medium
Ecosystem: Npm
Package: jupyter-binding
FLAT-1BUET (CVE-2024-56334)
Server side template injection In jupyterlab
5.9
Medium
Ecosystem: Debian
Package: jupyterlab
FLAT-KWQXE (MAL-2024-10472)
Use of software with malware In jupyterhub-admin-react
5.2
Medium
Ecosystem: Npm
Package: jupyterhub-admin-react
FLAT-MSSQ4 (GHSA-gj55-2xf9-67rq)
Reflected cross-site scripting (XSS) In jupyterlite-core
2.3
Low
Ecosystem: PyPI
Package: jupyterlite-core
FLAT-L4SI8 (CVE-2024-43805)
Reflected cross-site scripting (XSS) In jupyterlab
6.8
Medium
Ecosystem: PyPI
Package: jupyterlab
FLAT-37JUR (CVE-2024-41942)
Excessive privileges In jupyterhub
6.1
Medium
Ecosystem: Debian
Package: jupyterhub
FLAT-3IRKL (MAL-2024-5287)
Use of software with malware In jupyter-pytest-fi-console
5.2
Medium
Ecosystem: PyPI
Package: jupyter-pytest-fi-console
FLAT-V0219 (CVE-2024-35225)
Reflected cross-site scripting (XSS) In jupyter-server-proxy
6.1
Medium
Ecosystem: PyPI
Package: jupyter-server-proxy
FLAT-AIHAT (CVE-2024-35178)
Business information leak In jupyter_server
6.6
Medium
Ecosystem: PyPI
Package: jupyter_server
FLAT-HAJBY (CVE-2024-28188)
Improper authorization control for web services In jupyter-scheduler
2.7
Low
Ecosystem: PyPI
Package: jupyter-scheduler
FLAT-97MVQ (CVE-2024-28233)
Reflected cross-site scripting (XSS) In jupyterhub
1.3
Low
Ecosystem: PyPI
Package: jupyterhub
FLAT-SZTUZ (CVE-2024-28179)
Authentication mechanism absence or evasion In jupyter-server-proxy
8.4
High
Ecosystem: PyPI
Package: jupyter-server-proxy
FLAT-RTSNQ (CVE-2024-22420)
Server side cross-site scripting In jupyterlab
4.9
Medium
Ecosystem: Debian
Package: jupyterlab
FLAT-5L0IS (CVE-2024-22421)
Sensitive information sent insecurely In jupyterlab
5.1
Medium
Ecosystem: Debian
Package: jupyterlab
FLAT-ATBJ4 (CVE-2024-22415)
Lack of data validation - Path Traversal In jupyter-lsp
7.7
High
Ecosystem: PyPI
Package: jupyter-lsp
FLAT-BUZFU (MAL-2023-8740)
Use of software with malware In jupyter_matlab_labextension
5.2
Medium
Ecosystem: Npm
Package: jupyter_matlab_labextension
FLAT-CZ138 (MAL-2023-8721)
Use of software with malware In jupyter-notebook-deps
5.2
Medium
Ecosystem: Npm
Package: jupyter-notebook-deps
FLAT-5Y66W (CVE-2023-49080)
Technical information leak In jupyter-server
1.3
Low
Ecosystem: PyPI
Package: jupyter-server
FLAT-6DOFI (CVE-2023-39968)
Uncontrolled external site redirect In jupyter-server
1.3
Low
Ecosystem: PyPI
Package: jupyter-server
FLAT-VJ1MJ (CVE-2023-40170)
Reflected cross-site scripting (XSS) In jupyter-server
1.2
Low
Ecosystem: PyPI
Package: jupyter-server
FLAT-D9OZW (DSA-5422-1)
Lack of data validation In jupyter-core
1.3
Low
Ecosystem: Debian
Package: jupyter-core
FLAT-OZ947 (DLA-3195-1)
Lack of data validation In jupyter-core
1.3
Low
Ecosystem: Debian
Package: jupyter-core
FLAT-BVZKM (CVE-2022-39286)
Excessive privileges In jupyter-core
6.3
Medium
Ecosystem: PyPI
Package: jupyter-core
FLAT-BV0K4 (CVE-2022-29241)
Session Fixation In jupyter-server
4.8
Medium
Ecosystem: PyPI
Package: jupyter-server
FLAT-C7K7R (CVE-2020-36191)
Cross-site request forgery In jupyterhub
4.0
Medium
Ecosystem: PyPI
Package: jupyterhub
FLAT-F8W1P (CVE-2019-9644)
Reflected cross-site scripting (XSS) In jupyter-notebook
1.2
Low
Ecosystem: PyPI
Package: jupyter-notebook
FLAT-PYSCY (CVE-2022-24757)
Sensitive information in source code In jupyter-server
6.6
Medium
Ecosystem: PyPI
Package: jupyter-server
FLAT-2Q18R (CVE-2022-21697)
Server-side request forgery (SSRF) In jupyter-server-proxy
4.4
Medium
Ecosystem: PyPI
Package: jupyter-server-proxy
FLAT-23BBZ (CVE-2021-41134)
Server side cross-site scripting In nbdime-jupyterlab
2.3
Low
Ecosystem: Npm
Package: nbdime-jupyterlab
FLAT-B0ZWA (CVE-2021-41247)
Concurrent sessions In jupyterhub
1.2
Low
Ecosystem: PyPI
Package: jupyterhub
FLAT-09QL7 (CVE-2021-41194)
Improper authorization control for web services In jupyterhub-firstuseauthenticator
8.0
High
Ecosystem: PyPI
Package: jupyterhub-firstuseauthenticator
FLAT-95O7V (CVE-2020-26275)
Uncontrolled external site redirect In jupyter-server
1.3
Low
Ecosystem: Debian
Package: jupyter-server
FLAT-BGGS6 (CVE-2020-26261)
Sensitive information sent insecurely In jupyterhub-systemdspawner
7.3
High
Ecosystem: PyPI
Package: jupyterhub-systemdspawner
FLAT-Q4M9S (DLA-2477-1)
Lack of data validation In jupyter-notebook
1.3
Low
Ecosystem: Debian
Package: jupyter-notebook
FLAT-J4W8U (CVE-2020-26232)
Uncontrolled external site redirect In jupyter-server
1.2
Low
Ecosystem: PyPI
Package: jupyter-server
FLAT-8B6AA (CVE-2020-26215)
Uncontrolled external site redirect In jupyter-notebook
1.3
Low
Ecosystem: Debian
Package: jupyter-notebook
FLAT-K0SCE (DLA-2432-1)
Lack of data validation In jupyter-notebook
1.3
Low
Ecosystem: Debian
Package: jupyter-notebook
FLAT-NEWI7 (CVE-2020-15110)
Authentication mechanism absence or evasion In jupyterhub-kubespawner
4.9
Medium
Ecosystem: PyPI
Package: jupyterhub-kubespawner
FLAT-9HZ42 (CVE-2019-10255)
Uncontrolled external site redirect In jupyterhub
1.3
Low
Ecosystem: PyPI
Package: jupyterhub