CVE-2026-33587

Critical

Published: 07 May 2026

Published

07 May 2026

Modified

07 May 2026

KEV Added

—

Patch

—

CVSS Score 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

EPSS Score 0.0006 19.6th percentile

Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Description

Lack of user input sanitisation in Open Notebook v1.8.3 allows the application user to execute Python code (and subsequently OS commands) on the docker container via Server-Side Template Injection (SSTI) for user-created transformations.

Likely Mitigating ControlsAI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

PM-14 Testing, Training, and Monitoring

addresses: CWE-20

Security testing and developer training directly verify and enforce proper input validation, reducing exploitability of injection and malformed-data weaknesses.

SA-11 Developer Testing and Evaluation

addresses: CWE-20

Security testing and evaluation at multiple SDLC stages directly detects missing or flawed input validation, with the required remediation process ensuring fixes are applied.

SI-10 Information Input Validation

addresses: CWE-20

Directly implements checks on information inputs to reject invalid data before processing.

SI-8 Spam Protection

addresses: CWE-20

Spam protection mechanisms perform filtering and detection on inbound/outbound messages, directly compensating for missing or weak input validation of unsolicited content.

Security SummaryAI

Automated synthesis unavailable for this CVE.

Details

CWE(s): CWE-20 NVD-CWE-noinfo

Affected Products

lfnovo

open-notebook

≤ 1.8.4

References

https://github.com/lfnovo/open-notebook/security/advisories/GHSA-f35w-wx37-26q7
Vendor Advisory · a6d3dc9e-0591-4a13-bce7-0f5b31ff6158