External risk intelligence

JupyterLab Git Cross-Site Scripting via Crafted Filenames

CVE advisorySeverity: CRITICAL (CVSS 9.3)

CVE-2026-54527

This vulnerability is located within a JupyterLab extension and requires a user to interact with the Git History tab and view a specifically crafted rename diff. It is a client-side interaction within a development environment, not a service or interface typically exposed to the public internet.

Cross-site Scripting

Jupyterlab Git

0.30.1 to before 0.54.00.30.0

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

External exposure likelihood

Horizon Alert

Summary of the vulnerability and why it matters

This vulnerability involves a Git extension for JupyterLab where a crafted filename in commit history could execute JavaScript if viewed by a user. The main concern is confirming relevance and exposure, as the attack requires specific user interaction within a development environment.

  • Malicious filenames can run code in developer tools.
  • Matters if developers use the Git extension.
  • Confirm if this extension is in use.

Attack Path

How an attacker could exploit the issue

An attacker could exploit this by crafting a malicious filename within a Git repository that JupyterLab is inspecting. When a user views the commit history in the Git extension and encounters a renamed file with this crafted filename, the filename would be processed insecurely, potentially leading to the execution of arbitrary JavaScript in the user's browser.

  • Requires user interaction with Git history.
  • Triggered by viewing a renamed file diff.
  • Allows arbitrary JavaScript execution.

Live Threat

Current exploitation, exposure, and threat context

When users view a crafted rename diff in the Git History tab, JavaScript could be executed by the JupyterLab Git extension. This could impact the user's browser session within JupyterLab. There is no indication of sensitive data or PII being at risk.

  • User's browser session.
  • Viewing a crafted rename diff.
  • Arbitrary JavaScript execution in browser.

Operational Fix

Recommended remediation, mitigation, and detection steps

The JupyterLab Git extension's Git History tab is vulnerable if a user views a specially crafted rename diff, potentially allowing JavaScript execution. Ownership likely falls to the JupyterLab platform team or the application owner responsible for the extension, with the initial step being to inventory all JupyterLab instances and confirm if the Git extension is enabled and accessible.

  • Platform/Application owners should lead remediation.
  • Verify JupyterLab Git extension usage and exposure.
  • Plan updates during scheduled maintenance windows.

Supplementary metadata

Validate whether this threat affects your internet-facing exposure.

Halo Threat Intelligence helps prioritize remediation with Halo Surface Signal and H/A/L/O context. Start exposure validation with a free external attack surface trial.

Frequently asked questions

What is JupyterLab Git?

JupyterLab Git is an extension that adds version control capabilities directly into the JupyterLab interface. Data scientists and developers use it to manage code repositories, track changes, and coordinate work without leaving their interactive development environment. It bridges standard Git workflows with the web-based Jupyter notebook platform.

What does CWE-79 mean for CVE-2026-54527?

CWE-79 refers to Improper Neutralization of Input During Web Page Generation, commonly known as Cross-Site Scripting (XSS). In the context of CVE-2026-54527, this means the software incorrectly handles specific input—in this case, filenames—by placing them directly into the browser's document structure. This allows an attacker to inject and execute unauthorized JavaScript code within the context of a victim's active session.

How is this vulnerability triggered?

An attacker must include a specially crafted filename in a Git repository that is then opened in the JupyterLab Git extension. The flaw is triggered specifically when a user views a commit history that contains a renamed file using that malicious name. Simply having the file in a repository is not enough; the user must actively navigate to and view the rename diff within the Git History tab to execute the script.

Do I need to worry if my JupyterLab instance is internal?

According to Halo Surface Signal, this vulnerability is very unlikely to be exploited from the public internet. Because the attack requires a user to manually interact with the Git History tab inside a development environment, the risk is localized to the user's browser session rather than an exposed public web service.

Is there a recommended first step to respond to this?

Your first step is to identify all JupyterLab environments within your organization and confirm whether the JupyterLab Git extension is installed and active. Once you have an inventory, verify the installed version of the extension to determine if it falls within the affected range, and prepare to update to version 0.54.0 or later to neutralize the vulnerability.

References