| CVE-2026-0847 |
high |
7.5 |
7.5 |
|
|
|
3mo ago |
A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in multiple CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and Brac… |
| CVE-2021-3828 |
low |
— |
2.5 |
|
|
|
5y ago |
nltk is vulnerable to Inefficient Regular Expression Complexity |
| CVE-2026-33236 |
unknown |
— |
— |
|
|
|
3mo ago |
NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. In versions 3.9.3 and prior, the… |
| CVE-2026-33231 |
unknown |
— |
— |
|
|
|
3mo ago |
Unauthenticated remote shutdown in nltk.app.wordnet_app |
| CVE-2026-33230 |
unknown |
— |
— |
|
|
|
3mo ago |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in nltk |
| CVE-2026-0846 |
unknown |
— |
— |
|
|
|
3mo ago |
A vulnerability in the `filestring()` function of the `nltk.util` module in nltk version 3.9.2 allows arbitrary file read due to improper validation of input paths. The function directly opens files … |
| CVE-2026-0848 |
unknown |
— |
— |
|
|
|
3mo ago |
NLTK versions <=3.9.2 are vulnerable to arbitrary code execution due to improper input validation in the StanfordSegmenter module. The module dynamically loads external Java .jar files without verifi… |
| CVE-2025-14009 |
unknown |
— |
— |
|
|
|
4mo ago |
A critical vulnerability exists in the NLTK downloader component of nltk/nltk, affecting all versions. The _unzip_iter function in nltk/downloader.py uses zipfile.extractall() without performing path… |
| CVE-2024-39705 |
unknown |
— |
— |
|
|
|
2y ago |
NLTK through 3.8.1 allows remote code execution if untrusted packages have pickled Python code, and the integrated data package download functionality is used. This affects, for example, averaged_per… |
| CVE-2021-3842 |
unknown |
— |
— |
|
|
|
5y ago |
nltk is vulnerable to Inefficient Regular Expression Complexity |
| CVE-2021-43854 |
unknown |
— |
— |
|
|
|
5y ago |
NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. Versions prior to 3.6.5 are vuln… |
| CVE-2019-14751 |
unknown |
— |
— |
|
|
|
7y ago |
NLTK Downloader before 3.4.5 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in an NLTK package (ZIP archive) that is mishandled during e… |
