Impact
The vulnerability resides in the file upload component of Open Notebook, where the application fails to validate the filename supplied by the user. An attacker can craft a path that traverses directories and read arbitrary files on the Docker container hosting the application. This read capability exposes private or sensitive data stored on the host or within the container, compromising confidentiality and potentially enabling further privilege escalation if the attacker identifies executable scripts or configuration files.
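The missing check described above, sketched as an added example (this is not Open Notebook's code or its fix): a Python helper that rejects a client-supplied filename containing any directory component and confirms the resolved target stays inside the upload directory. The names `safe_upload_path`, `UnsafeFilename` and `classify_samples`, and the sample filenames, are hypothetical and constructed for illustration.

```python
import tempfile
from pathlib import Path, PurePosixPath, PureWindowsPath


class UnsafeFilename(ValueError):
    """Raised when a client-supplied upload filename is rejected."""


def safe_upload_path(upload_root: Path, client_filename: str) -> Path:
    """Return the storage path for an upload, or raise UnsafeFilename."""
    if not client_filename or "\x00" in client_filename:
        raise UnsafeFilename("empty name or NUL byte")
    # Reduce to the last component under both POSIX and Windows rules; a
    # name that changes had a directory, drive or trailing separator in it.
    name = PureWindowsPath(PurePosixPath(client_filename).name).name
    if name != client_filename or name in (".", ".."):
        raise UnsafeFilename("directory components are not allowed")
    root = upload_root.resolve()
    candidate = (root / name).resolve()  # also follows an existing symlink
    # Containment check on the fully resolved path, not on the raw string.
    if root not in candidate.parents:
        raise UnsafeFilename("resolved path leaves the upload directory")
    return candidate


# Constructed sample filenames, not taken from the advisory.
SAMPLES = ["notes.pdf", "../../etc/passwd", "..\\..\\app\\.env",
           "/etc/passwd", "sub/notes.pdf", "..", "C:evil.txt"]


def classify_samples() -> dict:
    """Map each constructed sample to True (accepted) or False (rejected)."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        for sample in SAMPLES:
            try:
                safe_upload_path(Path(tmp), sample)
                results[sample] = True
            except UnsafeFilename:
                results[sample] = False
    return results


if __name__ == "__main__":
    for sample, accepted in classify_samples().items():
        print(f"{sample!r}: {'accepted' if accepted else 'rejected'}")
```

Checking the resolved path rather than the raw string is what catches a symlink that already exists inside the upload directory and points elsewhere.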
Affected Systems
Open Notebook version 1.8.3 is affected. The issue occurs in the file upload feature exposed by the web interface, which is accessible to any authenticated user who can upload files. No additional versions are presently listed as vulnerable.
Risk and Exploitability
The CVSS score of 8.2 indicates a high severity. EPSS indicates an exploitation probability of less than 1%, meaning the likelihood of an attack remains low though not zero. The presence of a local file inclusion flaw and lack of input validation still expose users to opportunistic attacks. The vulnerability has not been listed in the CISA KEV catalog, implying no confirmed widespread exploitation yet. The likely attack vector requires application-level access to the file upload endpoint, so users with sufficient privileges can exploit the flaw; however, if arbitrary file uploads are not strictly protected, any user could potentially trigger the vulnerability.