{"vulnerability": "cve-2026-44727", "sightings": [{"uuid": "2368a10a-c9a7-41f1-8cc3-d282f61b249c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-44727", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mow3tlg6pj2y", "content": "CRITICAL: CVE-2026-44727 impacts jupyter_server <2.20. Stored XSS lets attackers steal cookies & execute code. Patch now \u2014 upgrade to 2.20+ for protection. https://radar.offseq.com/threat/cve-2026-44727-cwe-79-improper-neutralization-of-i-2f84cbe7cd47cddc #OffSeq #Jupyter #XSS", "creation_timestamp": "2026-06-23T00:00:41.809778Z"}, {"uuid": "7139da80-a26b-491e-adf8-65527bc2a091", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-44727", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116796479180840470", "content": "CVE-2026-44727: CRITICAL XSS in jupyter_server <2.20. Malicious notebooks can lead to cookie theft & remote code execution due to missing CSP sandboxing. Upgrade to 2.20+ to secure your server. Details: https://radar.offseq.com/threat/cve-2026-44727-cwe-79-improper-neutralization-of-i-2f84cbe7cd47cddc #OffSeq #XSS #Jupyter #Security", "creation_timestamp": "2026-06-23T00:00:43.481582Z"}]}