CVE lookup
CVE-2026-35397
Pruva has a verified reproduction for CVE-2026-35397: Jupyter Server: path traversal via faulty startswith() root containment check. The canonical evidence record is REPRO-2026-00153.
REPRO
REPRO-2026-00153
Package
jupyter-server · pip
Severity
HIGH
Status
published