CVE-2026-23528
📋 TL;DR
This cross-site scripting (XSS) vulnerability in Dask distributed allows attackers to craft malicious URLs that, when clicked, execute arbitrary code in the victim's Jupyter Lab session. It affects systems running Jupyter Lab, jupyter-server-proxy, and Dask distributed together. Users who click phishing links while these services are running on their default localhost ports are vulnerable.
💻 Affected Systems
- Dask distributed
- Jupyter Lab
- jupyter-server-proxy
📦 What is this software?
Dask by Anaconda
⚠️ Risk & Real-World Impact
Worst Case
Full remote code execution in the Jupyter kernel, allowing an attacker to run arbitrary commands, access sensitive data, or pivot to other systems.
Likely Case
Limited code execution within Jupyter session, potentially stealing session data or performing unauthorized actions within the Jupyter environment.
If Mitigated
No impact if proper URL validation and input sanitization are implemented, or if services aren't running together.
🎯 Exploit Status
Exploitation requires user interaction (clicking malicious URL) but crafting the URL is straightforward. No authentication bypass needed.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 2026.1.0
Vendor Advisory: https://github.com/dask/distributed/security/advisories/GHSA-c336-7962-wfj2
Restart Required: Yes
Instructions:
1. Upgrade Dask distributed to version 2026.1.0 or later using pip (the PyPI package is named 'distributed'): 'pip install --upgrade distributed==2026.1.0'.
2. Restart all Dask and Jupyter services.
3. Verify the fix by checking the installed version and testing dashboard functionality.
🔧 Temporary Workarounds
Disable Jupyter proxy integration
Run the Dask dashboard separately from Jupyter Lab, without the jupyter-server-proxy integration:
# Run Dask dashboard on separate port
dask scheduler --dashboard-address :8787
# Access dashboard directly instead of through Jupyter
Use non-default ports
Change the default ports for the Jupyter and Dask services to reduce the predictability of phishing URLs:
# Jupyter Lab on custom port
jupyter lab --port 8889
# Dask on custom port
dask scheduler --dashboard-address :8790
🧯 If You Can't Patch
- Isolate Jupyter and Dask services on separate networks or containers
- Implement strict URL filtering and input validation at proxy/load balancer level
🔍 How to Verify
Check if Vulnerable:
Check whether Dask distributed <2026.1.0 is installed alongside Jupyter Lab and jupyter-server-proxy. Review the configuration for default localhost ports.
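The three-part check above, as an added example (not the vendor's code): it reads the installed package metadata (assuming the PyPI distribution names distributed, jupyterlab and jupyter-server-proxy) and compares the Dask distributed version against the 2026.1.0 fix, tolerating the '+N.gHASH' suffix that Dask development builds carry.

```python
from importlib.metadata import PackageNotFoundError, version
import re
from typing import Optional, Tuple

FIXED_VERSION = "2026.1.0"  # patch version from the advisory


def parse_version(v: str) -> Tuple[int, ...]:
    """Turn a CalVer string such as '2025.12.1' into a comparable tuple.

    Dask dev builds look like '2025.12.1+14.gabcdef0'; parsing stops at the
    first non-numeric character, so they compare as their base release
    (a pre-release tag such as 'rc1' is dropped the same way).
    """
    parts = []
    for piece in v.split("."):
        m = re.match(r"\d+", piece)
        if not m:
            break
        parts.append(int(m.group()))
        if m.end() != len(piece):  # '1+14': keep 1, then stop
            break
    return tuple(parts)


def installed_version(dist: str) -> Optional[str]:
    """Installed version of a distribution (assumed PyPI name), or None."""
    try:
        return version(dist)
    except PackageNotFoundError:
        return None


def is_vulnerable(distributed_version: Optional[str],
                  has_jupyterlab: bool, has_proxy: bool) -> bool:
    """Vulnerable only when all three components are present and
    distributed predates the fixed release."""
    if distributed_version is None or not (has_jupyterlab and has_proxy):
        return False
    return parse_version(distributed_version) < parse_version(FIXED_VERSION)


def check_environment() -> dict:
    """Inspect the current Python environment and report the verdict."""
    dv = installed_version("distributed")
    lab = installed_version("jupyterlab") is not None
    proxy = installed_version("jupyter-server-proxy") is not None
    return {"distributed": dv, "jupyterlab": lab,
            "jupyter_server_proxy": proxy,
            "vulnerable": is_vulnerable(dv, lab, proxy)}


if __name__ == "__main__":
    print(check_environment())
```

Run it inside the same environment (kernel or venv) that serves Jupyter Lab; a version found elsewhere says nothing about the server actually exposed through the proxy.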
Check Version:
python -c "import distributed; print(distributed.__version__)"
Verify Fix Applied:
Confirm the Dask distributed version is >=2026.1.0 and test dashboard functionality through the Jupyter proxy.
📡 Detection & Monitoring
Log Indicators:
- Unusual error pages in Dask dashboard logs
- Suspicious URL patterns in Jupyter access logs
- Unexpected Python kernel executions in Jupyter logs
Network Indicators:
- HTTP requests to Dask dashboard with crafted query parameters
- Traffic patterns suggesting phishing link clicks
SIEM Query:
(source="jupyter.log" AND ("error page" OR "malformed url" OR "xss")) OR (source="dask.log" AND "dashboard" AND "error")