CVE-2026-23528: Dask Distributed is Vulnerable to Remote Code Execution via Jupyter Proxy and Dashboard

When Jupyter Lab, jupyter-server-proxy and Dask distributed are all run together it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-side-scripting (XSS) bug in the Dask dashboard.

It is possible for attackers to craft a phishing URL that assumes Jupyter Lab and Dask may be running on localhost and using default ports. If a user clicks on the malicious link it will open an error page in the Dask Dashboard via the Jupyter Lab proxy which will cause code to be executed by the default Jupyter Python kernel.

In order for a user to be impacted they must be running Jupyter Lab locally on the default port (with the jupyter-server-proxy) and a Dask distributed cluster on the default port. Then they would need to click the link which would execute the malicious code.