PatchSiren

jupyter-server CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

CRITICAL jupyter-server CVE published 2026-07-16

CVE-2026-44182

CVE-2026-44182 is a critical vulnerability in Jupyter Enterprise Gateway prior to version 3.3.0. The server interpolates untrusted environment variables into Kubernetes manifests without YAML-aware escaping, enabling YAML injection attacks. Attackers can inject new fields, overwrite critical fields, and inject document boundaries to generate multiple resources, potentially creating arbitrary types, such a [truncated]

CRITICAL jupyter-server CVE published 2026-07-16

CVE-2026-44181

CVE-2026-44181 is a Server Side Template Injection vulnerability in Jupyter Enterprise Gateway versions 2.0.0rc2 through 3.2.x before 3.3.0. The vulnerability allows for the execution of Python code and OS commands via Jinja2 template expressions in environment variables used during Kubernetes manifest rendering. This can lead to the theft of Kubernetes service account tokens, potentially compromising the [truncated]

CRITICAL jupyter-server CVE published 2026-07-16

CVE-2026-44180

CVE-2026-44180 is a critical vulnerability in Jupyter Enterprise Gateway that allows bypassing the prohibited UID/GID feature, enabling the launch of Jupyter kernels as root. This can lead to increased attack surface, potential container escapes, and compromise of worker nodes and the entire Kubernetes cluster. The vulnerability exists due to improper input validation, allowing specially crafted KERNEL_UI [truncated]