UBUNTU-CVE-2026-40171

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2026-40171

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-40171.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2026-40171

Upstream

CVE-2026-40171

Published

2026-05-06T20:16:00Z

Modified

2026-05-20T16:25:38.781312910Z

Severity

8.4 (High) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVSS Calculator
Ubuntu - medium

Summary

[none]

Details

In Jupyter Notebook versions 7.0.0 through 7.5.5, JupyterLab versions 4.5.6 and earlier, and the corresponding @jupyter-notebook/help-extension and @jupyterlab/help-extension packages before 7.5.6 and 4.5.7, a stored cross-site scripting issue in the help command linker can be chained with attacker-controlled notebook content to steal authentication tokens with a single click. An attacker can craft a malicious notebook file containing elements that appear indistinguishable from legitimate controls and trigger execution when a user interacts with them. Successful exploitation allows theft of the user's authentication token and complete takeover of the Jupyter session through the REST API, including reading files, creating or modifying files, accessing kernels to execute arbitrary code, and creating terminals for shell access. This issue has been fixed in Notebook 7.5.6, JupyterLab 4.5.7, @jupyter-notebook/help-extension 7.5.6, and @jupyterlab/help-extension 4.5.7. As a workaround, disable the affected help extensions or set allowCommandLinker to false in the sanitizer configuration.

References

Affected packages

Ubuntu:18.04:LTS

jupyter-notebook

Package

Name: jupyter-notebook
Purl: pkg:deb/ubuntu/jupyter-notebook?arch=source&distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.2.3-4

5.*

5.1.0-2

5.2.1-2

5.2.2-1

5.2.2-1ubuntu0.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "jupyter-notebook",
            "binary_version": "5.2.2-1ubuntu0.1"
        },
        {
            "binary_name": "python-notebook",
            "binary_version": "5.2.2-1ubuntu0.1"
        },
        {
            "binary_name": "python3-notebook",
            "binary_version": "5.2.2-1ubuntu0.1"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-40171.json"

Ubuntu:20.04:LTS

jupyter-notebook

Package

Name: jupyter-notebook
Purl: pkg:deb/ubuntu/jupyter-notebook?arch=source&distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.7.8-1

6.*

6.0.0-1

6.0.0-2

6.0.2-1

6.0.3-1

6.0.3-2

6.0.3-2ubuntu0.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "jupyter-notebook",
            "binary_version": "6.0.3-2ubuntu0.1"
        },
        {
            "binary_name": "python3-notebook",
            "binary_version": "6.0.3-2ubuntu0.1"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-40171.json"

Ubuntu:25.10

jupyter-notebook

Package

Name: jupyter-notebook
Purl: pkg:deb/ubuntu/jupyter-notebook?arch=source&distro=questing

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

6.*

6.4.13-5

6.4.13-5ubuntu0.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "jupyter-notebook",
            "binary_version": "6.4.13-5ubuntu0.1"
        },
        {
            "binary_name": "python3-notebook",
            "binary_version": "6.4.13-5ubuntu0.1"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-40171.json"

Ubuntu:26.04:LTS

jupyter-notebook

Package

Name: jupyter-notebook
Purl: pkg:deb/ubuntu/jupyter-notebook?arch=source&distro=resolute

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

6.*

6.4.13-5ubuntu0.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "jupyter-notebook",
            "binary_version": "6.4.13-5ubuntu0.1"
        },
        {
            "binary_name": "python3-notebook",
            "binary_version": "6.4.13-5ubuntu0.1"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-40171.json"

Ubuntu:Pro:22.04:LTS

jupyter-notebook

Package

Name: jupyter-notebook
Purl: pkg:deb/ubuntu/jupyter-notebook?arch=source&distro=esm-apps%2Fjammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

6.*

6.2.0-1

6.4.5-2

6.4.5-3

6.4.5-4

6.4.8-1

6.4.8-1ubuntu0.1

6.4.8-1ubuntu0.1+esm1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "jupyter-notebook",
            "binary_version": "6.4.8-1ubuntu0.1+esm1"
        },
        {
            "binary_name": "python3-notebook",
            "binary_version": "6.4.8-1ubuntu0.1+esm1"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-40171.json"

Ubuntu:Pro:24.04:LTS

jupyter-notebook

Package

Name: jupyter-notebook
Purl: pkg:deb/ubuntu/jupyter-notebook?arch=source&distro=esm-apps%2Fnoble

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

6.*

6.4.12-2.2

6.4.12-2.2ubuntu1

6.4.12-2.2ubuntu1+esm1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "jupyter-notebook",
            "binary_version": "6.4.12-2.2ubuntu1+esm1"
        },
        {
            "binary_name": "python3-notebook",
            "binary_version": "6.4.12-2.2ubuntu1+esm1"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-40171.json"