Every CVE whose affected-product data names Jupyter Jupyterhub, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2024-28233 — CVSS 8.1 (high): JupyterHub is an open source multi-user server for Jupyter notebooks. By tricking a user into visiting a malicious subdomain, the attacker…
CVE-2024-41942 — CVSS 7.2 (high): JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to versions 4.1.6 and 5.1.0, if a user is…
CVE-2019-10255 — CVSS 6.1 (medium): An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.7 and some browsers (Chrome, Firefox) in JupyterHub before…
CVE-2026-33709 — CVSS 6.1 (medium): JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to version 5.4.4, an open redirect…
CVE-2026-40864 — CVSS 5.4 (medium): JupyterHub is software that allows users to create a multi-user server for Jupyter notebooks. In versions 4.1.0 through 5.4.4, XSRF…
CVE-2020-36191 — CVSS 4.5 (medium): JupyterHub 1.1.0 allows CSRF in the admin panel via a request that lacks an _xsrf field, as demonstrated by a /hub/api/user request (to add…
CVE-2021-41247 — CVSS 3.5 (low): JupyterHub is an open source multi-user server for Jupyter notebooks. In affected versions users who have multiple JupyterLab tabs open in…