Vulnerabilities

Report: CVE-2026-35397 - jupyter-server path traversal allows access to sibling directories sharing root_

2026-05-05 0 views admin

CVE ID :CVE-2026-35397 Published : May 5, 2026, 7:37 p.m. | 48 minutes ago Description :Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, a path traversal vulnerability in the REST API allows an authenticated user to escape the configured root_dir and access sibling directories whose names begin with the same prefix as the root_dir. For example, with a root_dir named

CVE Details

CVE ID

CVE-2026-35397

Published

May 5, 2026

Impact: path traversal

🏷️ Tags

report35397jupyterservertraversalallowsaccesssiblingdirectoriessharing

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: CVE-2026-35397 - jupyter-server path traversal allows access to sibling directories sharing root_

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: CVE-2026-27960 - OpenCTI privilege escalation and unauthenticated access via default admin account - Complete Guide

Report: CVE-2026-42997 - Dell Idrac Authorization Credential Exposure

Report: Latest: CVE-2026-7855 - D-Link DI-8100 HTTP Request tggl.asp tggl_asp buffer overflow

Report: CVE-2026-7854 - D-Link DI-8100 POST Parameter url_rule.asp url_rule_asp buffer overflow

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting