CVE-2026-35397: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in jupyter-server jupyter_server
Jupyter Server versions 2. 17. 0 and earlier contain a path traversal vulnerability in the REST API that allows an authenticated user to access sibling directories outside the configured root directory if those directories share a common prefix. This can lead to unauthorized reading, writing, and deletion of files in those sibling directories. The vulnerability is fixed in version 2. 18. 0. As a temporary mitigation, administrators should avoid folder names that share prefixes with sibling directories to reduce risk.
AI Analysis
Technical Summary
CVE-2026-35397 is a path traversal vulnerability (CWE-22) in jupyter-server's REST API affecting versions prior to 2.18.0. An authenticated user can exploit this flaw by crafting requests to the /api/contents endpoint with encoded path components to escape the configured root_dir and access sibling directories whose names begin with the same prefix as the root_dir. This allows unauthorized file operations including reading, writing, and deletion in those sibling directories. Multi-tenant environments with predictable directory naming are especially vulnerable. Version 2.18.0 contains a fix for this issue.
Potential Impact
An attacker with authenticated access can bypass directory restrictions to access and manipulate files in sibling directories sharing a common prefix with the root directory. This can lead to unauthorized data exposure, modification, or deletion within those directories. The vulnerability poses a high risk in multi-tenant deployments where directory names are predictable, potentially allowing access to multiple users' data.
Mitigation Recommendations
Upgrade to jupyter-server version 2.18.0 or later, which contains a fix for this vulnerability. Until upgrading, avoid using folder names that share common prefixes with sibling directories to reduce the risk of exploitation.
CVE-2026-35397: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in jupyter-server jupyter_server
Description
Jupyter Server versions 2. 17. 0 and earlier contain a path traversal vulnerability in the REST API that allows an authenticated user to access sibling directories outside the configured root directory if those directories share a common prefix. This can lead to unauthorized reading, writing, and deletion of files in those sibling directories. The vulnerability is fixed in version 2. 18. 0. As a temporary mitigation, administrators should avoid folder names that share prefixes with sibling directories to reduce risk.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-35397 is a path traversal vulnerability (CWE-22) in jupyter-server's REST API affecting versions prior to 2.18.0. An authenticated user can exploit this flaw by crafting requests to the /api/contents endpoint with encoded path components to escape the configured root_dir and access sibling directories whose names begin with the same prefix as the root_dir. This allows unauthorized file operations including reading, writing, and deletion in those sibling directories. Multi-tenant environments with predictable directory naming are especially vulnerable. Version 2.18.0 contains a fix for this issue.
Potential Impact
An attacker with authenticated access can bypass directory restrictions to access and manipulate files in sibling directories sharing a common prefix with the root directory. This can lead to unauthorized data exposure, modification, or deletion within those directories. The vulnerability poses a high risk in multi-tenant deployments where directory names are predictable, potentially allowing access to multiple users' data.
Mitigation Recommendations
Upgrade to jupyter-server version 2.18.0 or later, which contains a fix for this vulnerability. Until upgrading, avoid using folder names that share common prefixes with sibling directories to reduce the risk of exploitation.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-04-02T17:03:42.074Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69fa4dc2cbff5d86102152b2
Added to database: 5/5/2026, 8:06:26 PM
Last enriched: 5/5/2026, 8:21:19 PM
Last updated: 5/5/2026, 9:17:20 PM
Views: 6
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.