CVE-2026-54527 in Git Pluginالمعلومات

الملخص

بحسب MITRE • 08/07/2026

JupyterLab Git is a Git extension for JupyterLab. From 0.30.0b3 before 0.54.0, the PlainTextDiff.ts createHeader() method passes Git filenames directly to innerHTML when rendering renamed files in commit history, allowing a crafted filename to execute JavaScript when a victim views the rename diff in the Git History tab. This issue is fixed in version 0.54.0.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

مسؤول

GitHub M

حجز

15/06/2026

إفشاء

08/07/2026

الاعتدال

تمت الموافقة

إدخال

VDB-377029

EPSS

0.00000

KEV

لا

النشاطات

منخفض جدًا

القطاع

Hostingprovider

المصادر

Want to know what is going to be exploited?

We predict KEV entries!