SecAlerts
CVE ListPricingSign Up
jupyter logo

jupyter

Security Risk Profile

52
/100
medium

Security Risk Score

Comprehensive risk assessment based on 57 vulnerabilities, EPSS scores, exploitation status, and remediation availability.

📅 Data spans from September 2, 2015 to present

57
Total CVEs
33
Critical+High
0
Exploited
2
Unpatched

Threat Assessment

Avg CVSS
7.3
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
2
Critical/High
Risk Level
52/100
medium
📈 4 in Last 30 Days

Severity Distribution

Critical
11
High
22
Medium
23
Low
0

Exploit Likelihood

>50% chance
0
20-50%
0
5-20%
0
<5%
6

Age Distribution

Common Weaknesses (CWE)

1
XSS
16
2
Path Traversal
4
3
Infoleak
3
4
CSRF
3
5
Input Validation
3

Most Affected Products

1. jupyter notebook25
2. pip/notebook17
3. jupyter JupyterLab13
4. jupyter Jupyter Server12
5. pip/jupyter-server11

Recent Vulnerabilities

See more →
CVE-2026-40934
CVSS 7.6high

jupyter-server authentication cookies remain valid after password reset due to static cookie secret

5/5/2026
CVE-2026-40110
CVSS 7.6high

jupyter-server CORS origin validation bypass via unanchored regex in allow_origin_pat

5/5/2026
CVE-2026-35397
CVSS 7.6high

jupyter-server path traversal allows access to sibling directories sharing root_dir name prefix

5/5/2026
CVE-2025-61669
CVSS 6.3medium

jupyter_server next parameter open redirect can redirect users to external domains

5/5/2026
CVE-2026-39378
CVSS 6.5medium

nbconvert has an Arbitrary File Read via Path Traversal in HTMLExporter Image Embedding

4/21/2026
CVE-2026-39377
CVSS 6.5medium

nbconvert has an Arbitrary File Write via Path Traversal in Cell Attachment Filenames

4/21/2026
CVE-2026-34052
CVSS 5.9medium

LTI JupyterHub Authenticator: Unbounded Memory Growth via Nonce Storage (Denial of Service)

4/3/2026
CVE-2026-33709
CVSS 5.1medium

JupyterHub has an Open Redirect Vulnerability

4/3/2026
CVE-2026-33175
CVSS 8.8high

OAuthenticator: Authentication Bypass in Auth0OAuthenticator via Unverified Email Claims

4/3/2026
CVE-2025-53000
CVSS 8.5high

nbconvert has an uncontrolled search path that leads to unauthorized code execution on Windows

12/17/2025🔧 No Patch

Monitor jupyter in Real-Time

Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
Powered bySecAlerts

Monitor Your Software Stack in Real-Time

Get instant alerts when vulnerabilities are discovered in your software stack. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
AboutNewsDocumentationTermsContact

© 2026 SecAlerts Pty Ltd. All rights reserved.

jupyter Security Vulnerabilities & Risk Score | 57 CVEs | SecAlerts - SecAlerts