CVE-2026-42557

EUVD-2026-30000
jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. Prior to 4.5.7, JupyterLab's HTML sanitizer allowlists data-commandlinker-command and data-commandlinker-args on button elements, while CommandLinker listens for all click events on document.body and executes the named command without checking whether the element came from trusted JupyterLab UI. A notebook with a pre-saved HTML cell output containing a deceptive button can trigger arbitrary JupyterLab commands - including arbitrary code execution - on a single user click, without any code being submitted for execution by the user. This vulnerability is fixed in 4.5.7.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.6 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 25%
Affected Products (NVD)
VendorProductVersion
jupyterjupyterlab
𝑥
< 4.5.7
jupyternotebook
7.0.0 ≤
𝑥
< 7.5.6
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
jupyterlab
forky
vulnerable
sid
vulnerable
trixie
vulnerable
Common Weakness Enumeration
References
https://github.com/jupyterlab/jupyterlab/security/advisories/GHSA-mqcg-5x36-vfcg