CVE-2026-33588

UNKNOWN 0.0

Arbitrary File Write Through Path Traversal

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Lack of user input validation in the file upload functionality of Open Notebook v1.8.3 allows the application user to create or modify files on the docker container via path traversal.

CWE	CWE-20
Vendor	open notebook
Product	open notebook
Published	May 7, 2026
Last Updated	May 7, 2026

Stay Ahead of the Next One

Get instant alerts for open notebook open notebook

Be the first to know when new unknown vulnerabilities affecting open notebook open notebook are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Open Notebook / Open Notebook

0 ≤ 1.8.3

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/lfnovo/open-notebook/security/advisories/GHSA-x4q2-89g5-594v

Credits

CERT-EU