7 matches found

vulnersOsv
added 2026/03/19 12:42 p.m. | 1 view

01os (=0.0.14), aa-rag (>=0.4.2 <=0.4.3) +935 more potentially affected by CVE-2026-33236 via nltk (>=2.0.4 <=3.9.2)

nltk PYPI version =2.0.4, =0.4.2, =0.2.3, =0.2.0, =0.0.4, =0.0.1, =0.1.0, =0.1.0, =0.0.9, =0.1.0 and more Source cves: CVE-2026-33236 Source advisory: OSV:GHSA-469J-VMHF-R6V7...

8.1 CVSS | 7.7 AI score | 0.00397 EPSS
Exploits: 1

vulnersOsv
added 2026/03/09 9:31 p.m. | 3 views

01os (=0.0.14), aa-rag (>=0.4.2 <=0.4.3) +935 more potentially affected by CVE-2026-0846 via nltk (>=2.0.4 <=3.9.2)

nltk PYPI version =2.0.4, =0.4.2, =0.2.3, =0.2.0, =0.0.4, =0.0.1, =0.1.0, =0.1.0, =0.0.9, =0.1.0 and more Source cves: CVE-2026-0846 Source advisory: OSV:GHSA-H8WQ-7XC4-P3QX...

8.6 CVSS | 7.5 AI score | 0.00359 EPSS
Exploits: 1

UbuntuCve
added 2026/03/05 9:16 p.m. | 1 view

CVE-2026-0848

NLTK versions <=3.9.2 are vulnerable to arbitrary code execution due to improper input validation in the StanfordSegmenter module. The module dynamically loads external Java .jar files without verification or sandboxing. An attacker can supply or replace the JAR file, enabling the execution of...

10 CVSS | 8 AI score | 0.00777 EPSS
Exploits: 3 | References: 5

CVE
added 2026/03/05 8:48 p.m. | 25 views

CVE-2026-0848

NLTK versions ≤3.9.2 are vulnerable due to the StanfordSegmenter loading external Java .jar files without verification or sandboxing. An attacker can supply or replace the JAR, enabling arbitrary Java bytecode execution at import time via unvalidated classpath input. Potential attack vectors incl...

10 CVSS | 6.7 AI score | 0.00777 EPSS
Exploits: 3 | References: 1 | Affected Software: 1

RedhatCVE
added 2026/03/05 7:30 p.m. | 4 views

CVE-2026-0847

A flaw was found in NLTK Natural Language Toolkit. This vulnerability allows a remote attacker to read arbitrary files on the server due to improper sanitization of file paths in several CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReader. By...

8.6 CVSS | 7.6 AI score | 0.00747 EPSS
Exploits: 3 | References: 4

Positive Technologies
added 2026/03/05 12:0 a.m. | 5 views

PT-2026-23514

Name of the Vulnerable Software and Affected Versions: NLTK versions 3.9.2 and earlier. Description: The software contains a flaw due to improper input validation in the StanfordSegmenter module, potentially leading to arbitrary code execution. The module dynamically loads external Java .jar files...

10 CVSS | 7.6 AI score | 0.00777 EPSS
Exploits: 3 | References: 20

vulnersOsv
added 2026/02/18 6:30 p.m. | 1 view

01os (=0.0.14), aa-rag (>=0.4.2 <=0.4.3) +935 more potentially affected by CVE-2025-14009 via nltk (>=2.0.4 <=3.9.2)

nltk PYPI version =2.0.4, =0.4.2, =0.2.3, =0.2.0, =0.0.4, =0.0.1, =0.1.0, =0.1.0, =0.0.9, =0.1.0 and more Source cves: CVE-2025-14009 Source advisory: OSV:GHSA-7P94-766C-HGJP...

10 CVSS | 7.7 AI score | 0.00706 EPSS
Exploits: 1