1. Critical nbconvert Vulnerability (CVE-2026-39377) Exposes Systems to Arbitrary File Write Attacks
A critical path traversal vulnerability in the popular nbconvert tool allows attackers to write arbitrary files anywhere on a victim's filesystem. The flaw, tracked as CVE-2026-39377 and GHSA-4c99-qj7h-p3vg, resides in how nbconvert processes cell attachment filenames within Jupyter notebooks. By crafting a malicious f...