Description
Dask distributed is a distributed task scheduler for Dask. Prior to 2026.1.0, when Jupyter Lab, jupyter-server-proxy, and Dask distributed are all run together, it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-site scripting (XSS) bug in the Dask dashboard. It is possible for attackers to craft a phishing URL that assumes Jupyter Lab and Dask may be running on localhost and using default ports. If a user clicks on the malicious link it will open an error page in the Dask Dashboard via the Jupyter Lab proxy which will cause code to be executed by the default Jupyter Python kernel. This vulnerability is fixed in 2026.1.0.
Published: 2026-01-16
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution via XSS on Dask Distributed dashboard
Action: Patch
AI Analysis

Impact

A cross-site scripting flaw in the Dask distributed dashboard, reachable when the dashboard is accessed through the Jupyter Lab proxy, allows an attacker to craft a URL that causes the default Jupyter Python kernel to execute arbitrary code. This gives the attacker remote code execution on the host running Jupyter, potentially compromising the confidentiality, integrity, and availability of the entire distributed environment. The weakness is classified as XSS (CWE-79, CWE-80) combined with execution with unnecessary privileges (CWE-250), since the injected code runs with whatever rights the kernel holds.

Affected Systems

The vulnerability affects installations of dask distributed older than version 2026.1.0 that run alongside Jupyter Lab or jupyter-server-proxy. Any user environment that exposes the dashboard on the default localhost ports (on Linux, Windows, or macOS) is susceptible, regardless of the Python distribution used.

Risk and Exploitability

The CVSS score of 5.3 indicates moderate severity, while the EPSS score of less than 1% suggests exploitation is currently improbable. The CVE is not listed in the CISA KEV catalog, and no public exploit has been confirmed. The attack vector requires user interaction: a malicious link must be clicked by a user on a machine where Jupyter Lab and a Dask dashboard are running on the default localhost ports. Once accessed, the injected code runs with the privileges of the user account that owns the Jupyter kernel, which frequently has broad access to the cluster, so a single compromised user could potentially compromise the entire cluster. Although the realistic likelihood is low, the impact of successful exploitation is high, warranting prompt remediation.

Generated by OpenCVE AI on April 18, 2026 at 05:44 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade dask distributed to 2026.1.0 or later.
  • Disable the Jupyter Lab proxy or the dashboard if it is not required for your workflow.
  • Configure the Jupyter server to bind only to trusted interfaces and enforce HTTPS with valid certificates.
  • Apply the principle of least privilege so the Jupyter kernel runs with minimal permissions.


Advisories
Source: GitHub GHSA
ID: GHSA-c336-7962-wfj2
Title: Dask Distributed is Vulnerable to Remote Code Execution via Jupyter Proxy and Dashboard
History

Thu, 12 Mar 2026 18:30:00 +0000

Values removed: none
Values added:
  First Time appeared: Anaconda; Anaconda dask
  CPEs: cpe:2.3:a:anaconda:dask:*:*:*:*:*:python:*:*
  Vendors & Products: Anaconda; Anaconda dask
  Metrics: cvssV3_1 {'score': 6.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N'}


Mon, 19 Jan 2026 09:45:00 +0000

Values removed: none
Values added:
  First Time appeared: Dask; Dask distributed
  Vendors & Products: Dask; Dask distributed

Fri, 16 Jan 2026 18:15:00 +0000

Values removed: none
Values added:
  Metrics: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 16 Jan 2026 17:00:00 +0000

Values removed: none
Values added:
  Description: Dask distributed is a distributed task scheduler for Dask. Prior to 2026.1.0, when Jupyter Lab, jupyter-server-proxy, and Dask distributed are all run together, it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-site scripting (XSS) bug in the Dask dashboard. It is possible for attackers to craft a phishing URL that assumes Jupyter Lab and Dask may be running on localhost and using default ports. If a user clicks on the malicious link it will open an error page in the Dask Dashboard via the Jupyter Lab proxy which will cause code to be executed by the default Jupyter Python kernel. This vulnerability is fixed in 2026.1.0.
  Title: Dask distributed Vulnerable to Remote Code Execution via Jupyter Proxy and Dashboard
  Weaknesses: CWE-250; CWE-79; CWE-80
  References
  Metrics: cvssV4_0 {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-01-16T17:21:36.324Z

Reserved: 2026-01-13T18:22:43.981Z

Link: CVE-2026-23528

Vulnrichment

Updated: 2026-01-16T17:21:33.185Z

NVD

Status: Analyzed

Published: 2026-01-16T17:15:54.640

Modified: 2026-03-12T18:29:56.420

Link: CVE-2026-23528

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T05:45:38Z

Weaknesses