cvedb.io
CVE-2026-39377
MEDIUM · CVSS 6.5
EPSS exploitation probability: 0%
Published 2026-04-21T01:16:05.937 · Last modified 2026-06-17T10:42:01.077

Summary

The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions 6.5 through 7.17.0 allow arbitrary file writes to locations outside the intended output directory when processing notebooks containing crafted cell attachment filenames. The `ExtractAttachmentsPreprocessor` passes attachment filenames directly to the filesystem without sanitization, enabling path traversal attacks. This vulnerability provides complete control over both the destination path and file extension. Version 7.17.1 contains a patch.

Affected products

jupyter — nbconvert

Does this affect you?

Add your gear to cvedb and we'll alert you only when jupyter ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.