Lucene search
K

19 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/06/17 1:55 p.m.4 views

Security Bulletin: Multiple Vulnerabilities in NLTK bundled with IBM Fusion, IBM Fusion HCI, and IBM Fusion Content-Aware Storage

Summary IBM Fusion, IBM Fusion HCI, and IBM Fusion Content-Aware Storage include the Natural Language Toolkit NLTK library, which is susceptible to several critical security vulnerabilities. These flaws could allow a remote attacker to execute arbitrary code, perform arbitrary file reads via path...

10CVSS6.8AI score0.00924EPSS
Exploits9Affected Software2
Packet Storm
Packet Storm
added 2026/03/31 12:0 a.m.181 views

📄 NLTK 3.9.2 Arbitrary File Read / Path Traversal

NLTK versions 3.9.2 and below suffer from an arbitrary file read issue due to a path traversal vulnerability. CVE-2026-0847 — NLTK Multiple CorpusReader Classes: Arbitrary File Read via Path Traversal --- Overview | Field | Details | |---|---| | CVE ID | CVE-2026-0847 | | Package | nltk Natural...

8.6CVSS6AI score0.00924EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2026/03/05 7:30 p.m.6 views

CVE-2026-0847

A flaw was found in NLTK Natural Language Toolkit. This vulnerability allows a remote attacker to read arbitrary files on the server due to improper sanitization of file paths in several CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReader. By...

8.6CVSS7.6AI score0.00924EPSS
Exploits3References4
SUSE CVE
SUSE CVE
added 2026/03/05 1:58 p.m.2 views

SUSE CVE-2026-0847

A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in multiple CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReader. These classes fail to properly sanitize or validate file paths, enabling...

7.5CVSS6.5AI score0.00924EPSS
Exploits3References3
EUVD
EUVD
added 2026/03/04 9:32 p.m.10 views

EUVD-2026-9475

A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in multiple CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReader. These classes fail to properly sanitize or validate file paths, enabling...

8.6CVSS6.6AI score0.00924EPSS
Exploits3References2
Github Security Blog
Github Security Blog
added 2026/03/04 9:32 p.m.12 views

NLTK has a Path Traversal issue

A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in multiple CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReader. These classes fail to properly sanitize or validate file paths, enabling...

8.6CVSS7.8AI score0.00924EPSS
Exploits3References4Affected Software1
OSV
OSV
added 2026/03/04 7:16 p.m.4 views

DEBIAN-CVE-2026-0847

A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in multiple CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReader. These classes fail to properly sanitize or validate file paths, enabling...

7.5CVSS8.7AI score0.00924EPSS
Exploits3References1
PyPA
PyPA
added 2026/03/04 7:16 p.m.9 views

PYSEC-2026-98

A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in multiple CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReader. These classes fail to properly sanitize or validate file paths, enabling...

8.6CVSS7.8AI score0.00924EPSS
Exploits3References2Affected Software1
NVD
NVD
added 2026/03/04 7:16 p.m.17 views

CVE-2026-0847

A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in multiple CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReader. These classes fail to properly sanitize or validate file paths, enabling...

8.6CVSS0.00924EPSS
Exploits3References6
UbuntuCve
UbuntuCve
added 2026/03/04 7:16 p.m.5 views

CVE-2026-0847

A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in multiple CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReader. These classes fail to properly sanitize or validate file paths, enabling...

8.6CVSS7.6AI score0.00924EPSS
Exploits3References6
OSV
OSV
added 2026/03/04 7:16 p.m.3 views

UBUNTU-CVE-2026-0847

A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in multiple CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReader. These classes fail to properly sanitize or validate file paths, enabling...

8.6CVSS6.4AI score0.00924EPSS
Exploits3References7
ATTACKERKB
ATTACKERKB
added 2026/03/04 6:25 p.m.7 views

CVE-2026-0847

A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in multiple CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReader. These classes fail to properly sanitize or validate file paths, enabling...

8.6CVSS6.6AI score0.00924EPSS
Exploits3References2
Cvelist
Cvelist
added 2026/03/04 6:25 p.m.33 views

CVE-2026-0847 Path Traversal in nltk/nltk

A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in multiple CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReader. These classes fail to properly sanitize or validate file paths, enabling...

8.6CVSS0.00924EPSS
Exploits3References1
CVE
CVE
added 2026/03/04 6:25 p.m.37 views

CVE-2026-0847

NLTK up to 3.9.2 contains a path traversal vulnerability in CorpusReader classes (WordListCorpusReader, TaggedCorpusReader, BracketParseCorpusReader) that can lead to arbitrary file reads on the server. Root cause is improper sanitization/validation of file paths, enabling access to sensitive fil...

8.6CVSS6.6AI score0.00924EPSS
Exploits3References6Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/04 6:25 p.m.3 views

CVE-2026-0847 Path Traversal in nltk/nltk

A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in multiple CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReader. These classes fail to properly sanitize or validate file paths, enabling...

8.6CVSS6.6AI score0.00924EPSS
Exploits3References1
Debian CVE
Debian CVE
added 2026/03/04 6:25 p.m.8 views

CVE-2026-0847

A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in multiple CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReader. These classes fail to properly sanitize or validate file paths, enabling...

8.6CVSS8.7AI score0.00924EPSS
Exploits3
CNNVD
CNNVD
added 2026/03/04 12:0 a.m.10 views

NLTK 路径遍历漏洞

NLTK is an open-source natural language toolkit developed by NLTK. It is used to support research and development in natural language processing. NLTK versions 3.9.2 and earlier contained a path traversal vulnerability. This vulnerability stemmed from multiple CorpusReader classes not properly...

8.6CVSS7.4AI score0.00924EPSS
Exploits3References3
Huntr
Huntr
added 2025/12/04 6:25 p.m.20 views

NLTK – Multiple CorpusReader classes allow Arbitrary File Read via Path Traversal

This report is not public...

8.6CVSS5.9AI score0.00924EPSS
Exploits3
Huntr
Huntr
added 2025/12/04 4:26 p.m.5 views

Arbitrary File Read via FileSystemPathPointer + PlaintextCorpusReader (bypass even if nltk.data.find() is patched

This report is not public...

5.3AI score
Exploits0
Rows per page
Query Builder