Every CVE whose affected-product data names Lfnovo Open-notebook, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2026-33587 — CVSS 10.0 (critical): Lack of user input sanitisation in Open Notebook v1.8.3 allows the application user to execute Python code (and subsequently OS commands)…
CVE-2026-33588 — CVSS 8.1 (high): Lack of user input validation in the file upload functionality of Open Notebook v1.8.3 allows the application user to create or modify…
CVE-2026-28201 — CVSS 7.8 (high): An improper input validation, together with an overly permissive default CORS configuration in Open Notebook v1.8.1 allows remote attacker…
CVE-2026-33589 — CVSS 6.5 (medium): Lack of user input validation in the file upload functionality of Open Notebook v1.8.3 allows the application user to access local files…