Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS : NLTK vulnerability (USN-8214-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8214-1 advisory. It was discovered that NLTK incorrectly handled file extraction when opening a maliciously...

CVE-2026-33230 nltk Vulnerable to Cross-site Scripting

NLTK Natural Language Toolkit is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. In versions 3.9.3 and prior, nltk.app.wordnetapp contains a reflected cross-site scripting issue in the lookup... route. A crafted...

01os (=0.0.14), aa-rag (>=0.4.2 <=0.4.3) +939 more potentially affected by CVE-2026-33236 via nltk (>=2.0.4 <=3.9.3)

nltk PYPI version =2.0.4, =0.4.2, =0.2.3, =0.2.0, =0.0.4, =0.0.1, =0.1.0, =0.1.0, =0.0.9, =0.1.0 and more Source cves: CVE-2026-33236 Source advisory: SNYK:PYTHON-NLTK-15692505...

01os (=0.0.14), aa-rag (>=0.4.2 <=0.4.3) +939 more potentially affected by CVE-2026-33231 via nltk (>=2.0.4 <=3.9.3)

nltk PYPI version =2.0.4, =0.4.2, =0.2.3, =0.2.0, =0.0.4, =0.0.1, =0.1.0, =0.1.0, =0.0.9, =0.1.0 and more Source cves: CVE-2026-33231 Source advisory: SNYK:PYTHON-NLTK-15692504...

01os (=0.0.14), aa-rag (>=0.4.2 <=0.4.3) +939 more potentially affected by CVE-2026-33231 via nltk (>=2.0.4 <=3.9.3)

nltk PYPI version =2.0.4, =0.4.2, =0.2.3, =0.2.0, =0.0.4, =0.0.1, =0.1.0, =0.1.0, =0.0.9, =0.1.0 and more Source cves: CVE-2026-33231 Source advisory: OSV:GHSA-JM6W-M3J8-898G...

01os (=0.0.14), aa-rag (>=0.4.2 <=0.4.3) +939 more potentially affected by unknown CVE via nltk (>=2.0.4 <=3.9.3)

nltk PYPI version =2.0.4, =0.4.2, =0.2.3, =0.2.0, =0.0.4, =0.0.1, =0.1.0, =0.1.0, =0.0.9, =0.1.0 and more Source cves: unknown CVE Source advisory: SNYK:PYTHON-NLTK-15692479...

01os (=0.0.14), aa-rag (>=0.4.2 <=0.4.3) +939 more potentially affected by unknown CVE via nltk (>=2.0.4 <=3.9.3)

nltk PYPI version =2.0.4, =0.4.2, =0.2.3, =0.2.0, =0.0.4, =0.0.1, =0.1.0, =0.1.0, =0.0.9, =0.1.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-RF74-V2FM-23PW...

01os (=0.0.14), aa-rag (>=0.4.2 <=0.4.3) +935 more potentially affected by CVE-2026-0846 via nltk (>=2.0.4 <=3.9.2)

nltk PYPI version =2.0.4, =0.4.2, =0.2.3, =0.2.0, =0.0.4, =0.0.1, =0.1.0, =0.1.0, =0.0.9, =0.1.0 and more Source cves: CVE-2026-0846 Source advisory: OSV:PYSEC-2026-97...

01os (=0.0.14), aa-rag (>=0.4.2 <=0.4.3) +933 more potentially affected by CVE-2026-0846 via nltk (>=3.0.0 <=3.9.2)

nltk PYPI version =3.0.0, =0.4.2, =0.2.3, =0.2.0, =0.0.4, =0.0.1, =0.1.0, =0.1.0, =0.0.9, =0.1.0 and more Source cves: CVE-2026-0846 Source advisory: SNYK:PYTHON-NLTK-15460783...

01os (=0.0.14), aa-rag (>=0.4.2 <=0.4.3) +935 more potentially affected by CVE-2026-0848 via nltk (>=2.0.4 <=3.9.2)

nltk PYPI version =2.0.4, =0.4.2, =0.2.3, =0.2.0, =0.0.4, =0.0.1, =0.1.0, =0.1.0, =0.0.9, =0.1.0 and more Source cves: CVE-2026-0848 Source advisory: OSV:PYSEC-2026-99...

Unsafe Dependency Resolution

Overview nltk is a Natural Language Toolkit NLTK is a Python package for natural language processing. Affected versions of this package are vulnerable to Unsafe Dependency Resolution due to lack of verification or sandboxing in the StanfordSegmenter module, when unvalidated Java Archive JAR files...

01os (=0.0.14), aa-rag (>=0.4.2 <=0.4.3) +933 more potentially affected by CVE-2026-0848 via nltk (>=3.0.0 <=3.9.2)

nltk PYPI version =3.0.0, =0.4.2, =0.2.3, =0.2.0, =0.0.4, =0.0.1, =0.1.0, =0.1.0, =0.0.9, =0.1.0 and more Source cves: CVE-2026-0848 Source advisory: SNYK:PYTHON-NLTK-15763329...

NLTK 输入验证错误漏洞

NLTK is an open-source natural language toolkit developed by NLTK. It is used to support research and development in natural language processing. Versions of NLTK 3.9.2 and earlier contained a vulnerability related to input validation errors. This vulnerability stemmed from improper input...

01os (=0.0.14), aa-rag (>=0.4.2 <=0.4.3) +935 more potentially affected by CVE-2026-0847 via nltk (>=2.0.4 <=3.9.2)

nltk PYPI version =2.0.4, =0.4.2, =0.2.3, =0.2.0, =0.0.4, =0.0.1, =0.1.0, =0.1.0, =0.0.9, =0.1.0 and more Source cves: CVE-2026-0847 Source advisory: OSV:PYSEC-2026-98...

CVE-2026-0847

NLTK up to 3.9.2 contains a path traversal vulnerability in CorpusReader classes (WordListCorpusReader, TaggedCorpusReader, BracketParseCorpusReader) that can lead to arbitrary file reads on the server. Root cause is improper sanitization/validation of file paths, enabling access to sensitive fil...

01os (=0.0.14), aa-rag (>=0.4.2 <=0.4.3) +933 more potentially affected by CVE-2026-0847 via nltk (>=3.0.0 <=3.9.2)

nltk PYPI version =3.0.0, =0.4.2, =0.2.3, =0.2.0, =0.0.4, =0.0.1, =0.1.0, =0.1.0, =0.0.9, =0.1.0 and more Source cves: CVE-2026-0847 Source advisory: SNYK:PYTHON-NLTK-15460762...

01os (=0.0.14), aa-rag (>=0.4.2 <=0.4.3) +935 more potentially affected by CVE-2025-14009 via nltk (>=2.0.4 <=3.9.2)

nltk PYPI version =2.0.4, =0.4.2, =0.2.3, =0.2.0, =0.0.4, =0.0.1, =0.1.0, =0.1.0, =0.0.9, =0.1.0 and more Source cves: CVE-2025-14009 Source advisory: OSV:PYSEC-2026-96...

01os (=0.0.14), aa-rag (>=0.4.2 <=0.4.3) +933 more potentially affected by CVE-2025-14009 via nltk (>=3.0.0 <=3.9.2)

nltk PYPI version =3.0.0, =0.4.2, =0.2.3, =0.2.0, =0.0.4, =0.0.1, =0.1.0, =0.1.0, =0.0.9, =0.1.0 and more Source cves: CVE-2025-14009 Source advisory: SNYK:PYTHON-NLTK-15317401...

EUVD-2021-0148

Malware in sbrugna...

EUVD-2021-0147

Malware in sbrugna...