Vulnerabilities in jupyterlab
10 resultsCVE-2021-32797HIGHJupyterLab: XSS due to lack of sanitization of the action attribute of an html <form>EPSS 2.6%CVE-2024-39700CRITICALRemote Code Execution (RCE) vulnerability in jupyterlab extension template `update-integration-tests` GitHub ActionEPSS 1.0%CVE-2024-22421HIGHPotential authentication and CSRF tokens leak in JupyterLabEPSS 0.7%CVE-2024-22420MEDIUMStored cross site scripting in Markdown Preview in JupyterLabEPSS 0.6%CVE-2025-30370HIGHjupyterlab-git has a command injection vulnerability in "Open Git Repository in Terminal"EPSS 0.5%CVE-2026-42266HIGHJupyterLab has an Extension Manager API/GUI Policy Discrepancy allowing 3rd party (malicious) extensions install via POST request.EPSS 0.5%CVE-2026-40171HIGHJupyter Notebook and JupyterLab token theft via stored XSS in help command linkerEPSS 0.5%CVE-2024-43805HIGHHTML injection in Jupyter Notebook and JupyterLab leading to DOM ClobberingEPSS 0.4%CVE-2026-42557HIGHjupyterlab: Command linker attributes in HTML enable one-click command execution from untrusted contentEPSS 0.3%CVE-2025-59842LOWJupyterLab LaTeX typesetter links did not enforce `noopener` attributeEPSS 0.2%