Anonymous Intelligence Signal

Critical nbconvert Vulnerability (CVE-2026-39377) Exposes Systems to Arbitrary File Write Attacks

human The Lab unverified 2026-04-21 23:23:03 Source: GitHub Issues

A critical path traversal vulnerability in the popular nbconvert tool allows attackers to write arbitrary files anywhere on a victim's filesystem. The flaw, tracked as CVE-2026-39377 and GHSA-4c99-qj7h-p3vg, resides in how nbconvert processes cell attachment filenames within Jupyter notebooks. By crafting a malicious filename, an attacker can bypass the intended output directory, enabling them to overwrite or create files in sensitive system locations. This represents a severe security breach vector for any system that automatically processes untrusted notebooks using nbconvert.

The vulnerability specifically affects nbconvert versions prior to 7.17.1; version 7.17.1 patches the arbitrary file write flaw. The issue stems from insufficient sanitization of attachment filenames, which can contain directory traversal sequences such as `../`. When a notebook containing such a crafted attachment is converted (for example, to HTML or PDF), the attachment is written to the path chosen by the attacker rather than being contained within the intended output directory.

This vulnerability poses a direct threat to data integrity, system security, and automated data science pipelines. Any service, research platform, or CI/CD pipeline that uses nbconvert to render user-submitted or externally sourced notebooks is now at risk. The immediate pressure is on developers, data scientists, and platform administrators to apply the patched version (7.17.1) without delay to close this security hole before it can be exploited in the wild.
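The class of defect described above is a missing containment check on attachment names. The following is an added example, not nbconvert's own code or its actual fix: a pre-conversion screen that a pipeline rendering untrusted notebooks could run, rejecting any attachment name that is not a single plain path component and proving the resolved destination stays inside the output directory. The notebook content, the output directory `/tmp/out`, and all function names are constructed for the example.

```python
import json
from pathlib import Path

# Constructed nbformat-v4 style notebook (not a real artefact): one
# attachment name is ordinary, the other carries a traversal sequence.
SAMPLE_NOTEBOOK = json.dumps({
    "nbformat": 4, "nbformat_minor": 5, "metadata": {},
    "cells": [
        {"cell_type": "markdown", "metadata": {},
         "source": "![logo](attachment:logo.png)",
         "attachments": {"logo.png": {"image/png": "aW1hZ2U="}}},
        {"cell_type": "markdown", "metadata": {},
         "source": "![x](attachment:x)",
         "attachments": {"../../tmp/evil.txt": {"text/plain": "cHVibGlj"}}},
    ],
})


def is_safe_attachment_name(name: str) -> bool:
    """Accept only a single, plain path component.

    Names containing a separator (either style) or a NUL byte, and the
    names '', '.' and '..', are refused outright rather than 'cleaned',
    so the log shows exactly which names the pipeline rejected.
    """
    if not name or name in (".", ".."):
        return False
    return not any(ch in name for ch in ("/", "\\", "\x00"))


def attachment_destination(output_dir: str, name: str) -> Path:
    """Resolve the write path and check it stays inside output_dir.

    The name check is the primary control; the containment check is
    defence in depth (e.g. against a stale symlink already sitting in
    the output directory).
    """
    if not is_safe_attachment_name(name):
        raise ValueError(f"unsafe attachment name: {name!r}")
    base = Path(output_dir).resolve()
    dest = (base / name).resolve()
    if dest.parent != base:
        raise ValueError(f"attachment {name!r} resolves outside {base}")
    return dest


def find_unsafe_attachments(notebook_json: str) -> list[tuple[int, str]]:
    """Return (cell_index, attachment_name) for every name that fails."""
    nb = json.loads(notebook_json)
    return [(i, name)
            for i, cell in enumerate(nb.get("cells", []))
            for name in cell.get("attachments", {})
            if not is_safe_attachment_name(name)]
```

A pipeline would call `find_unsafe_attachments` on each submitted notebook and refuse to convert when the list is non-empty, independently of which nbconvert version is installed.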