CVE-2025-53000
HIGHjupyter/nbconvert <= 7.16.6 - Unauthenticated Remote Code Execution via SVG to PDF Conversion
Title source: llmDescription
The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions of nbconvert up to and including 7.16.6 on Windows have a vulnerability in which converting a notebook containing SVG output to a PDF results in unauthorized code execution. Specifically, a third party can create a `inkscape.bat` file that defines a Windows batch script, capable of arbitrary code execution. When a user runs `jupyter nbconvert --to pdf` on a notebook containing SVG output to a PDF on a Windows platform from this directory, the `inkscape.bat` file is run unexpectedly. This issue has been patched in version 7.17.0.
References (6)
Core 6
Core References
Vendor Advisory x_refsource_confirm
https://github.com/jupyter/nbconvert/security/advisories/GHSA-xm59-rqc7-hhvf
Issue Tracking x_refsource_misc
https://github.com/jupyter/nbconvert/issues/2258
Patch x_refsource_misc
https://github.com/jupyter/nbconvert/commit/c9ac1d1040459ed1ff9eb34e9918ce5a87cf9d71
Various Sources x_refsource_misc
https://github.com/jupyter/nbconvert/blob/4f61702f5c7524d8a3c4ac0d5fc33a6ac2fa36a7/nbconvert/preprocessors/svg2pdf.py#L104
Exploit, Third Party Advisory x_refsource_misc
https://www.imperva.com/blog/code-execution-in-jupyter-notebook-exports
Release Notes x_refsource_misc
https://github.com/jupyter/nbconvert/releases/tag/v7.17.0
Scores
CVSS v3
7.8
EPSS
0.0023
EPSS Percentile
14.0%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
CWE
CWE-427
Status
published
Products (2)
jupyter/nbconvert
< 7.16.6
pypi/nbconvert
0 - 7.17.0PyPI
Published
Dec 17, 2025
Tracked Since
Feb 18, 2026