CVE-2026-42557

CRITICAL

jupyterlab: Command linker attributes in HTML enable one-click command execution from untrusted content

Title source: cna
STIX 2.1

Description

jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. Prior to 4.5.7, JupyterLab's HTML sanitizer allowlists data-commandlinker-command and data-commandlinker-args on button elements, while CommandLinker listens for all click events on document.body and executes the named command without checking whether the element came from trusted JupyterLab UI. A notebook with a pre-saved HTML cell output containing a deceptive button can trigger arbitrary JupyterLab commands - including arbitrary code execution - on a single user click, without any code being submitted for execution by the user. This vulnerability is fixed in 4.5.7.

Scores

CVSS v3 9.6
EPSS 0.0039
EPSS Percentile 30.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-79
Status published
Products (6)
jupyter/jupyterlab < 4.5.7
jupyter/notebook 7.0.0 - 7.5.6
jupyter/notebook >= 7.0.0, < 7.5.6
jupyterlab/jupyterlab < 4.5.7
pypi/jupyterlab 0 - 4.5.7PyPI
pypi/notebook 7.0.0 - 7.5.6PyPI
Published May 13, 2026
Tracked Since May 13, 2026