CVE-2026-44727 Jupyter CVE debrief

Who should care

Defenders of Jupyter Server installations should prioritize patching to version 2.20 or later. This vulnerability allows for stored XSS with significant impact, including cookie access and kernel RCE. Jupyter Server users, especially those with high-security requirements, should take immediate action.

Technical summary

The nbconvert HTTP handlers in jupyter_server prior to 2.20 render user-authored notebook HTML under the Jupyter origin without a sandbox directive in their Content-Security-Policy. This allows a malicious notebook to execute arbitrary JavaScript, leading to stored XSS. The vulnerability is exacerbated by nbconvert.HTMLExporter's default non-sanitizing behavior, which enables an attacker to inject HTML payloads in display_data outputs. Successful exploitation grants the attacker cookie access, full /api/* authority, and kernel RCE.

Defensive priority

Patching to version 2.20 or later is the primary mitigation. Defenders should also review their Jupyter Server installations for any suspicious activity and ensure that notebook content is properly sanitized.

Recommended defensive actions

• Patch Jupyter Server to version 2.20 or later
• Review Jupyter Server installations for suspicious activity
• Ensure proper sanitization of notebook content
• Monitor /api/* authority usage
• Implement additional security measures to prevent kernel RCE

Evidence notes

The CVE record and NVD detail provide official information about the vulnerability. The source item URL provides additional context from the NVD database. Vendor references include patches and advisories from the Jupyter Server project.

Official resources