CVE-2026-54527 in Git Plugininformazioni

Riassunto

di MITRE • 09/07/2026

JupyterLab Git is a Git extension for JupyterLab. From 0.30.0b3 before 0.54.0, the PlainTextDiff.ts createHeader() method passes Git filenames directly to innerHTML when rendering renamed files in commit history, allowing a crafted filename to execute JavaScript when a victim views the rename diff in the Git History tab. This issue is fixed in version 0.54.0.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Responsabile

GitHub M

Prenotare

15/06/2026

Divulgazione

09/07/2026

Moderazione

accettato

CPE

pronto

EPSS

0.00000

KEV

no

Attività

molto basso

Fonti

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!