Description
jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. From 4.0.0 to 4.5.6, the allow-list of extensions that can be installed from PyPI Extension Manager (allowed_extensions_uris) is not correctly enforced by JupyterLab. The PyPI Extension Manager was not contained to packages listed on the default PyPI index. This vulnerability is fixed in 4.5.7.
Published: 2026-05-13
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The flaw lies in the Extension Manager: the allow‑list of trusted PyPI URIs was not enforced, so a POST request can install any arbitrary extension, including malicious ones. The attacker can execute arbitrary code in the context of the JupyterLab server or the user’s browser, giving full RCE. This corresponds to the weaknesses identified as CWE-602 and CWE-88.

Affected Systems

All JupyterLab installations from version 4.0.0 through 4.5.6 are vulnerable. The issue is fixed starting with version 4.5.7.

Risk and Exploitability

The CVSS score of 8.8 classifies this as a high‑severity vulnerability. The EPSS score is not available, so the exploitation probability cannot be quantified, and it is not listed in the CISA KEV catalog. The likely attack vector is a unauthenticated or authenticated POST request to the Extension Manager API, which requires network access to the JupyterLab server. Successful exploitation would allow the adversary to deliver malicious code via an installed extension.

Generated by OpenCVE AI on May 13, 2026 at 16:56 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade JupyterLab to version 4.5.7 or later, which enforces the extension allow‑list correctly.
  • If an immediate upgrade is not possible, temporarily block or restrict access to the Extension Manager POST endpoint using a firewall or reverse‑proxy rule to prevent unauthorized extension installations.
  • Configure the allowed_extensions_uris setting to whitelist only trusted PyPI indexes and enforce that only those URIs can be used for extension installation.

Generated by OpenCVE AI on May 13, 2026 at 16:56 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-37w4-hwhx-4rc4 JupyterHub has an Extension Manager API/GUI Policy Discrepancy, allowing 3rd party (malicious) extensions install via POST request
History

Thu, 14 May 2026 14:45:00 +0000

Type Values Removed Values Added
First Time appeared Jupyter
Jupyter jupyterlab
Vendors & Products Jupyter
Jupyter jupyterlab

Wed, 13 May 2026 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 13 May 2026 15:15:00 +0000

Type Values Removed Values Added
Description jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. From 4.0.0 to 4.5.6, the allow-list of extensions that can be installed from PyPI Extension Manager (allowed_extensions_uris) is not correctly enforced by JupyterLab. The PyPI Extension Manager was not contained to packages listed on the default PyPI index. This vulnerability is fixed in 4.5.7.
Title jupyterlab: Extension Manager API/GUI Policy Discrepancy allowing 3rd party (malicious) extensions install via POST request.
Weaknesses CWE-602
CWE-88
References
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

Subscriptions

Jupyter Jupyterlab
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-05-14T03:56:38.179Z

Reserved: 2026-04-26T11:53:27.706Z

Link: CVE-2026-42266

cve-icon Vulnrichment

Updated: 2026-05-13T15:28:48.878Z

cve-icon NVD

Status : Undergoing Analysis

Published: 2026-05-13T16:16:47.017

Modified: 2026-05-13T16:32:31.457

Link: CVE-2026-42266

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-14T14:30:15Z

Weaknesses