CVE-2026-33588HIGH 8.1EPSS p7.9%

CVE-2026-33588CVE-2026-33588

Description

Lack of user input validation in the file upload functionality of Open Notebook v1.8.3 allows the application user to create or modify files on the docker container via path traversal.

Scoring

CVSS 3.18.1 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
EPSS0.18% probability of exploitation · percentile 7.9% · 2026-06-19T12:03:05Z
Published2026-05-07
Last modified2026-05-07

Underlying weaknesses· 1

CWE-20

References

  1. https://github.com/lfnovo/open-notebook/security/advisories/GHSA-x4q2-89g5-594v

1

TypeTargetConfidenceTier
WeaknessImproper Input Validationcwe-200%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-33587
CVE
CVE-2026-22908
CVE
CVE-2026-21628
CVE
CVE-2026-36576
CVE
CVE-2025-3115
CVE
CVE-2026-0963
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.