CVE-2026-44182
Jupyter Enterprise Gateway YAML Injection Vulnerability
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A vulnerability exists in Jupyter Enterprise Gateway that allows for YAML injection. This can occur when untrusted environment variables are interpolated into Kubernetes manifests, enabling attackers to create arbitrary resources, including privileged pods. This could lead to unauthorized access or denial of service.