diff --git a/pyproject.toml b/pyproject.toml
index e456a9c7..9a45dcdb 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -153,9 +153,11 @@ jupyter = [
     "jupyter>=1.1.1,<2",
     # Transitive overrides
     # WARNING: one cannot negate or downgrade a dependency required here. use override-dependencies for that.
-    "jupyter-core>=5.8.1",              # CVE-2025-30167
-    "jupyterlab>=4.4.9",                # CVE-2025-59842
-    "nbconvert>=7.17.1",                # CVE-2025-53000 (>=7.17.0, Dependabot #424); CVE-2026-39377, CVE-2026-39378 (>=7.17.1, Dependabot #553)
+    "jupyter-core>=5.8.1",              # CVE-2025-30167 (High)
+    "jupyterlab>=4.5.7",                # CVE-2025-59842 (Low, >=4.4.9); CVE-2026-40171 (High, >=4.5.7, Renovate #616); CVE-2026-42266 (High, >=4.5.7); CVE-2026-42557 (High, >=4.5.7)
+    "nbconvert>=7.17.1",                # CVE-2025-53000 (High, >=7.17.0, Dependabot #424); CVE-2026-39377, CVE-2026-39378 (High, >=7.17.1, Dependabot #553)
+    "notebook>=7.5.6",                  # CVE-2026-40171 (High, >=7.5.6, Dependabot #614); CVE-2026-42557 (High, >=7.5.6)
+    "jupyter-server>=2.18.0",           # CVE-2025-61669 (Medium, >=2.18.0, Dependabot #628); CVE-2026-35397 (High, >=2.18.0); CVE-2026-40110 (High, >=2.18.0); CVE-2026-40934 (Medium, >=2.18.0)
 ]
 marimo = [
     "cloudpathlib>=0.23.0,<1",
diff --git a/uv.lock b/uv.lock
index f901c5b0..fef10ff2 100644
--- a/uv.lock
+++ b/uv.lock
@@ -101,8 +101,10 @@ dependencies = [
 jupyter = [
     { name = "jupyter" },
     { name = "jupyter-core" },
+    { name = "jupyter-server" },
     { name = "jupyterlab" },
     { name = "nbconvert" },
+    { name = "notebook" },
 ]
 marimo = [
     { name = "cloudpathlib" },
@@ -199,7 +201,8 @@ requires-dist = [
     { name = "jsonschema", extras = ["format-nongpl"], specifier = ">=4.25.1,<5" },
     { name = "jupyter", marker = "extra == 'jupyter'", specifier = ">=1.1.1,<2" },
     { name = "jupyter-core", marker = "extra == 'jupyter'", specifier = ">=5.8.1" },
-    { name = "jupyterlab", marker = "extra == 'jupyter'", specifier = ">=4.4.9" },
+    { name = "jupyter-server", marker = "extra == 'jupyter'", specifier = ">=2.18.0" },
+    { name = "jupyterlab", marker = "extra == 'jupyter'", specifier = ">=4.5.7" },
     { name = "loguru", specifier = ">=0.7.3,<1" },
     { name = "lxml", specifier = ">=6.1.0" },
     { name = "lxml-html-clean", specifier = ">=0.4.4" },
@@ -208,6 +211,7 @@ requires-dist = [
     { name = "matplotlib", marker = "extra == 'marimo'", specifier = ">=3.10.7,<4" },
     { name = "nbconvert", marker = "extra == 'jupyter'", specifier = ">=7.17.1" },
     { name = "nicegui", extras = ["native"], specifier = ">=3.11.0,<4" },
+    { name = "notebook", marker = "extra == 'jupyter'", specifier = ">=7.5.6" },
     { name = "openslide-bin", specifier = ">=4.0.0.10,<5" },
     { name = "openslide-python", specifier = ">=1.4.3,<2" },
     { name = "packaging", specifier = ">=26,<27" },