PYSEC-2026-2535

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/jupyterlab/PYSEC-2026-2535.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2026-2535
Aliases
Published
2026-07-13T14:20:02.558089Z
Modified
2026-07-13T16:43:39.178881124Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVSS Calculator
Summary
JupyterLab vulnerable to SXSS in Markdown Preview
Details

Impact

The vulnerability depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using JupyterLab preview feature.

A malicious user can access any data that the attacked user has access to as well as perform arbitrary requests acting as the attacked user.

Patches

JupyterLab v4.0.11 was patched.

Workarounds

Users can either disable the table of contents extension by running:

jupyter labextension disable @jupyterlab/toc-extension:registry

References

Vulnerability reported via the bug bounty program sponsored by the European Commission and hosted on the Intigriti platform.

References

Affected packages

PyPI / jupyterlab

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
4.0.0
Fixed
4.0.11

Affected versions

4.*
4.0.0
4.0.1
4.0.2
4.0.3
4.0.4
4.0.5
4.0.6
4.0.7
4.0.8
4.0.9
4.0.10

Database specific

source
"https://github.com/pypa/advisory-database/blob/main/vulns/jupyterlab/PYSEC-2026-2535.yaml"