Package impact
MAVEN / org.apache.opennlp:opennlp-tools
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-42027 | critical | 9.8 | 9.8 | 1mo ago | Arbitrary Class Instantiation via Model Manifest in Apache OpenNLP ExtensionLoader Versions Affected: before 2.5.9, before 3.0.0-M3 Description: The ExtensionLoader.instantiateExtension(C… | |||
| CVE-2026-40682 | critical | 9.1 | 9.1 | 1mo ago | XML External Entity (XXE) via Unsanitized Dictionary Parsing in Apache OpenNLP DictionaryEntryPersistor Versions Affected: before 2.5.9, before 3.0.0-M3 Description: The DictionaryEntryPersistor … | |||
| CVE-2026-42440 | high | 7.5 | 7.5 | 1mo ago | OOM Denial of Service via Unbounded Array Allocation in Apache OpenNLP AbstractModelReader Versions Affected: before 2.5.9 before 3.0.0-M3 Description: The AbstractModelReader methods getOut… |