{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-42557","assignerOrgId":"a0819718-46f1-4df5-94e2-005712e83aaa","state":"PUBLISHED","assignerShortName":"GitHub_M","dateReserved":"2026-04-28T16:56:50.192Z","datePublished":"2026-05-13T15:06:14.222Z","dateUpdated":"2026-07-08T12:05:49.547Z"},"containers":{"cna":{"title":"jupyterlab: Command linker attributes in HTML enable one-click command execution from untrusted content","problemTypes":[{"descriptions":[{"cweId":"CWE-79","lang":"en","description":"CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","type":"CWE"}]}],"metrics":[{"cvssV4_0":{"attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","baseScore":8.6,"baseSeverity":"HIGH","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N","version":"4.0"}}],"references":[{"name":"https://github.com/jupyterlab/jupyterlab/security/advisories/GHSA-mqcg-5x36-vfcg","tags":["x_refsource_CONFIRM"],"url":"https://github.com/jupyterlab/jupyterlab/security/advisories/GHSA-mqcg-5x36-vfcg"}],"affected":[{"vendor":"jupyterlab","product":"jupyterlab","versions":[{"version":"< 4.5.7","status":"affected"}]},{"vendor":"jupyter","product":"notebook","versions":[{"version":">= 7.0.0, < 7.5.6","status":"affected"}]}],"providerMetadata":{"orgId":"a0819718-46f1-4df5-94e2-005712e83aaa","shortName":"GitHub_M","dateUpdated":"2026-05-13T15:06:14.222Z"},"descriptions":[{"lang":"en","value":"jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. Prior to 4.5.7, JupyterLab's HTML sanitizer allowlists data-commandlinker-command and data-commandlinker-args on button elements, while CommandLinker listens for all click events on document.body and executes the named command without checking whether the element came from trusted JupyterLab UI. A notebook with a pre-saved HTML cell output containing a deceptive button can trigger arbitrary JupyterLab commands - including arbitrary code execution - on a single user click, without any code being submitted for execution by the user. This vulnerability is fixed in 4.5.7."}],"source":{"advisory":"GHSA-mqcg-5x36-vfcg","discovery":"UNKNOWN"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-05-14T17:57:35.710941Z","id":"CVE-2026-42557","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-05-14T17:59:11.711Z"}},{"affected":[{"cpes":["cpe:/a:redhat:migration_toolkit_applications:8"],"defaultStatus":"affected","product":"Migration Toolkit for Applications 8","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_ai"],"defaultStatus":"affected","product":"Red Hat OpenShift AI (RHOAI)","vendor":"Red Hat"}],"datePublic":"2026-05-13T15:06:14.222Z","descriptions":[{"lang":"en","value":"A flaw was found in jupyterlab. This vulnerability allows a remote attacker to achieve arbitrary code execution by presenting a user with a specially crafted notebook containing a deceptive button in its pre-saved HTML cell output. When the user clicks this button, the CommandLinker component executes arbitrary JupyterLab commands without sufficient validation, leading to the execution of unauthorized code."}],"metrics":[{"other":{"content":{"namespace":"https://access.redhat.com/security/updates/classification/","value":"Important"},"type":"Red Hat severity rating"}},{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"format":"CVSS"}],"problemTypes":[{"descriptions":[{"cweId":"CWE-79","description":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","lang":"en","type":"CWE"}]}],"references":[{"tags":["vdb-entry","x_refsource_REDHAT"],"url":"https://access.redhat.com/security/cve/CVE-2026-42557"},{"name":"RHBZ#2477086","tags":["issue-tracking","x_refsource_REDHAT"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477086"},{"tags":["x_sadp-csaf-vex"],"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-42557.json"}],"timeline":[{"lang":"en","time":"2026-05-13T16:02:57.063Z","value":"Reported to Red Hat."},{"lang":"en","time":"2026-05-13T15:06:14.222Z","value":"Made public."}],"title":"jupyterlab: JupyterLab: Arbitrary code execution via deceptive button in HTML output","workarounds":[{"lang":"en","value":"Users should avoid opening or interacting with JupyterLab notebooks from untrusted sources. Exercise caution and verify the origin of any notebook before clicking buttons within its output, as this action could lead to the execution of arbitrary commands."}],"x_adpType":"supplier","x_generator":{"engine":"sadp-cli 1.0.0"},"providerMetadata":{"orgId":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","shortName":"redhat-SADP","dateUpdated":"2026-07-08T12:05:49.547Z"}}]}}