
Detect CVE-2026-44180: Jupyter Enterprise Gateway ContainerProcessProxy._enforce_prohibited_ids Bypass in Splunk

CVE-2026-44180 is a critical (CVSS 9.8) input validation bypass in Jupyter Enterprise Gateway versions >= 2.0.0rc1 and < 3.3.0. The ContainerProcessProxy._enforce_prohibited_ids method fails to properly validate or enforce restrictions on kernel IDs, allowing an attacker to bypass container process isolation controls. This can enable unauthorized kernel spawning, container escape, or execution of arbitrary workloads within the enterprise gateway environment. A public proof-of-concept exists.

MITRE ATT&CK

Tactics: Initial Access, Privilege Escalation, Lateral Movement

SPL Detection Query

Splunk (SPL)

index=* sourcetype IN ("linux_audit", "osquery", "syslog", "WinEventLog:*")
("enterprise_gateway" OR "EnterpriseGateway" OR "ContainerProcessProxy" OR "jupyter-enterprise-gateway")
| eval suspicious_kernel = if(match(cmdline, "kernel[_-]id=[A-Za-z0-9_-]{8,}") OR match(cmdline, "enforce_prohibited") OR match(cmdline, "prohibited_ids"), 1, 0)
| where suspicious_kernel=1
| stats count min(_time) as first_seen max(_time) as last_seen values(cmdline) as commands values(user) as users by host
| eval risk = case(count > 10, "high", count > 3, "medium", true(), "low")
| table host, users, commands, count, first_seen, last_seen, risk

Severity: critical. Confidence: medium.

Splunk search for Jupyter Enterprise Gateway process events related to CVE-2026-44180, focusing on kernel ID manipulation patterns in command-line arguments.

Data Sources

linux_audit, osquery, WinEventLog

Required Sourcetypes

linux_audit, osquery, syslog

False Positives & Tuning

  • Legitimate administrative scripts that manage kernel lifecycle with explicit IDs
  • Debugging sessions where developers inspect gateway internals
  • Automated integration test suites that spawn kernels with predictable IDs
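The following is an added example, not part of the original detection package: a Python re-implementation of the query's `suspicious_kernel` eval, the `stats ... by host` aggregation and the risk bucketing, run over constructed process events so the regex threshold and the false-positive cases listed above can be checked offline. Hostnames, users and command lines are invented sample data.

```python
import re
from collections import defaultdict

# Terms and patterns from the SPL search/eval above; "-" last in the class needs no escape.
GATEWAY_TERMS = ("enterprise_gateway", "EnterpriseGateway",
                 "ContainerProcessProxy", "jupyter-enterprise-gateway")
PATTERNS = [re.compile(p) for p in (
    r"kernel[_-]id=[A-Za-z0-9_-]{8,}", r"enforce_prohibited", r"prohibited_ids")]

def is_suspicious(cmdline):
    # Mirrors the base search (a gateway term must be present; checked here on
    # cmdline rather than the raw event) plus the suspicious_kernel eval.
    if not any(term in cmdline for term in GATEWAY_TERMS):
        return False
    return any(p.search(cmdline) for p in PATTERNS)

def risk_level(count):
    # Same thresholds as the SPL case(): >10 high, >3 medium, otherwise low.
    return "high" if count > 10 else "medium" if count > 3 else "low"

def summarize(events):
    """stats count min/max(_time) values(cmdline) values(user) by host, plus the risk eval."""
    by_host = defaultdict(lambda: {"count": 0, "users": set(), "commands": set(),
                                   "first_seen": None, "last_seen": None})
    for t, host, user, cmdline in events:
        if not is_suspicious(cmdline):
            continue
        h = by_host[host]
        h["count"] += 1
        h["users"].add(user)
        h["commands"].add(cmdline)
        seen = [x for x in (h["first_seen"], h["last_seen"], t) if x is not None]
        h["first_seen"], h["last_seen"] = min(seen), max(seen)
    for h in by_host.values():
        h["risk"] = risk_level(h["count"])
    return dict(by_host)

# Constructed sample process events (not real telemetry): (_time, host, user, cmdline).
SAMPLE_EVENTS = [
    (100, "gw-01", "jovyan", "python3 /opt/enterprise_gateway/launch_kernel.py kernel_id=zz9f3a7b2c1d"),
    (110, "gw-01", "jovyan", "python3 /opt/enterprise_gateway/launch_kernel.py kernel-id=q1w2e3r4t5y6"),
    (120, "gw-01", "root", "python3 -c 'from enterprise_gateway import ContainerProcessProxy; ContainerProcessProxy._enforce_prohibited_ids'"),
    (130, "gw-01", "jovyan", "python3 /opt/enterprise_gateway/launch_kernel.py kernel_id=a1b2c3d4e5f6"),
    # ID too short for the {8,} quantifier: not flagged by the query.
    (140, "gw-02", "ci", "python3 /opt/jupyter-enterprise-gateway/launch.py kernel_id=abc12"),
    # Integration test with a predictable ID: flagged, a false positive to tune.
    (150, "gw-02", "ci", "pytest tests/test_enterprise_gateway.py --kernel-id=ci-kernel-0001"),
    # No gateway term at all: never reaches the eval.
    (160, "gw-03", "dev", "python3 train.py --kernel_id=abcdefghij"),
]
```

Calling `summarize(SAMPLE_EVENTS)` yields gw-01 at "medium" (4 hits) and gw-02 at "low" (1 hit, the CI run), showing why the tuning list above matters before the medium threshold is trusted.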

Testing Methodology

Validate this detection against 3 adversary techniques from Atomic Red Team. Each test below lists the behaviour to exercise and the telemetry you should expect to see. Executable commands and cleanup steps are available with Pro.

  1. Test 1: Spawn an unauthorized kernel via ID bypass on a vulnerable gateway

    Expected signal: Process creation events for python3 spawned as a child of jupyter-enterprise-gateway with a command line containing the test kernel_id value; HTTP access log entries showing POST /api/kernels with status 201 for requests that should have been rejected

  2. Test 2: Enumerate the gateway kernel API for ID restriction bypass

    Expected signal: Multiple sequential HTTP POST requests to the /api/kernels gateway endpoint within a short timeframe with varying kernel_id values, including path traversal and command injection patterns

  3. Test 3: Simulate container escape via unrestricted kernel process spawning

    Expected signal: Container process creation events showing a python3 kernel process; if the escape succeeds, process events outside the container namespace; file access events for /proc/1/cgroup or /etc/hosts from the kernel process
