Home / Vulnerability Intelligence / CVE-2026-33588

CVE-2026-33588 - Vulnerability Analysis

HighCVSS: 8.1

Last Updated: May 7, 2026

Open Notebook - Path Traversal

Published: May 7, 2026Updated: May 7, 2026Remote Exploitable

Overview

Open Notebook v1.8.3 contains a path traversal vulnerability caused by lack of user input validation in the file upload functionality, letting application users create or modify files on the Docker container, exploit requires application user access.

Severity & Score

Severity: High

CVSS Score: 8.1

Impact

Application users can create or modify files on the Docker container, potentially leading to system compromise.

Mitigation

Update to the latest version of Open Notebook.

References

https://github.com/lfnovo/open-notebook/security/advisories/GHSA-x4q2-89g5-594v

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-33588
Severity: High
CVSS Score: 8.1
Type: path_traversal
Status: confirmed

CWE

CWE-20
NVD-CWE-noinfo

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H