CVE-2026-5422 MEDIUM

CVE-2026-5422: Path Traversal in jupyter/jupyter

Vendor Jupyter

Product jupyter/jupyter

Weakness CWE-23

Published June 2, 2026

Last update June 2, 2026

View on NVD All CVEs

CVSS base score

6.8/10

Attack vector Network

Attack complexity High

Privileges required Low

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

What the vulnerability does

01Description

A path traversal vulnerability exists in jupyter-server version 2.17.0 due to an incorrect root directory boundary check in the _get_os_path() function within jupyter_server/services/contents/fileio.py. The check uses startswith(root) without appending a trailing path separator, allowing sibling directories with names starting with the same prefix as root_dir to bypass the check. Additionally, the to_os_path() function in utils.py does not strip ".." from path parts, enabling traversal sequences to bypass the vulnerable check. This vulnerability can lead to unauthorized read/write access to files in sibling directories, potentially exposing sensitive data in shared hosting environments.

Key dates

02Disclosure timeline

June 2, 2026 CVE published

June 2, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2026-5422

Related vulnerabilities

CVE-2026-5422: Path Traversal in jupyter/jupyter

01Description

02Disclosure timeline

03References

04Related CVE