71 matches found
CVE-2026-43825
A flaw was found in Apache OpenNLP SvmDoccatModel. This vulnerability allows a remote attacker to achieve arbitrary code execution by supplying a specially crafted payload to the deserialize method. The method processes untrusted Java deserialization streams without proper validation, enabling th...
CVE-2026-43825
Untrusted Java Deserialization in Apache OpenNLP SvmDoccatModel Versions Affected: before 3.0.0-M4 libsvm document categorization module; introduced in OPENNLP-1808 and only present on the 3.x line Description: SvmDoccatModel.deserializeInputStream reads an attacker-controlled stream with...
CVE-2026-43825 Apache OpenNLP :: Core :: ML :: LibSVM: Unsafe Java Deserialization in SvmDoccatModel
Untrusted Java Deserialization in Apache OpenNLP SvmDoccatModel Versions Affected: before 3.0.0-M4 libsvm document categorization module; introduced in OPENNLP-1808 and only present on the 3.x line Description: SvmDoccatModel.deserializeInputStream reads an attacker-controlled stream with...
EUVD-2026-41885
Untrusted Java Deserialization in Apache OpenNLP SvmDoccatModel Versions Affected: before 3.0.0-M4 libsvm document categorization module; introduced in OPENNLP-1808 and only present on the 3.x line Description: SvmDoccatModel.deserializeInputStream reads an attacker-controlled stream with...
CVE-2026-43825
The CVE concerns Apache OpenNLP’s SvmDoccatModel (libsvm document categorization module), with impact on 3.x releases before 3.0.0-M4. The vulnerability arises in SvmDoccatModel.deserialize(InputStream), which uses java.io.ObjectInputStream.readObject() on an attacker-controlled stream without an...
PT-2026-55955
Name of the Vulnerable Software and Affected Versions Apache OpenNLP versions prior to 3.0.0-M4 Description Untrusted Java deserialization occurs in the SvmDoccatModel.deserializeInputStream function. The function uses java.io.ObjectInputStream to read an attacker-controlled stream and calls...
CVE-2026-42440
A flaw was found in Apache OpenNLP. A remote attacker can exploit this vulnerability by providing a specially crafted binary model .bin file. This file contains an excessively large count field, which leads to an unbounded array allocation and triggers an OutOfMemoryError. Successful exploitation...
CVE-2026-42027
A flaw was found in Apache OpenNLP. An attacker, by providing a specially crafted model archive, can exploit a vulnerability in the ExtensionLoader component. This allows the attacker to force the system to load and initialize any class present on the classpath, executing its static initializer...
SUSE CVE-2026-40682
XML External Entity XXE via Unsanitized Dictionary Parsing in Apache OpenNLP DictionaryEntryPersistor Versions Affected: before 2.5.9, before 3.0.0-M3 Description: The DictionaryEntryPersistor class initializes a static SAXParserFactory at class-load time without enabling FEATURESECUREPROCESSING ...
SUSE CVE-2026-42027
Arbitrary Class Instantiation via Model Manifest in Apache OpenNLP ExtensionLoader Versions Affected: before 1.9.5, before 2.5.9, before 3.0.0-M3 Description: The ExtensionLoader.instantiateExtensionClass, String method loads a class by its fully-qualified name via Class.forName and invokes its...
Linux Distros Unpatched Vulnerability : CVE-2026-40682
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XML External Entity XXE via Unsanitized Dictionary Parsing in Apache OpenNLP DictionaryEntryPersistor Versions Affected: before 2.5.9, before 3.0.0-M3...
Linux Distros Unpatched Vulnerability : CVE-2026-42440
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OOM Denial of Service via Unbounded Array Allocation in Apache OpenNLP AbstractModelReader Versions Affected: before 1.9.5 before 2.5.9 before 3.0.0-M3...
org.apache.opennlp:opennlp-distr (>=3.0.0-M1 <=3.0.0-M2) potentially affected by CVE-2026-42027 via org.apache.opennlp:opennlp-tools (>=3.0.0-M1 <=3.0.0-M2)
org.apache.opennlp:opennlp-tools MAVEN version =3.0.0-M1, =3.0.0-M1, =3.0.0-M2 Source cves: CVE-2026-42027 Source advisory: OSV:GHSA-CX4M-2P55-RW7J...
ae.teletronics.nlp:entityextraction (=1.3), ai.aletyx.kogito:aletyx-kogito-ai-addons-quarkus-adhoc-subprocess (>=0.1.0 <=0.2.0) +1738 more potentially affected by CVE-2026-42027 via org.apache.opennlp:opennlp-tools (>=1.5.2-incubating <=2.5.8)
org.apache.opennlp:opennlp-tools MAVEN version =1.5.2-incubating, =0.1.0, =0.1.0, =2.12.1, =2.12.1, =19.9.0, =19.9.1, =19.9.1, =19.9.0, =19.9.0, =19.9.0, =19.9.0, =26.3.2 and more Source cves: CVE-2026-42027 Source advisory: OSV:GHSA-CX4M-2P55-RW7J...
ae.teletronics.nlp:entityextraction (=1.3), ai.aletyx.kogito:aletyx-kogito-ai-addons-quarkus-adhoc-subprocess (>=0.1.0 <=0.2.0) +1738 more potentially affected by CVE-2026-42440 via org.apache.opennlp:opennlp-tools (>=1.5.2-incubating <=2.5.8)
org.apache.opennlp:opennlp-tools MAVEN version =1.5.2-incubating, =0.1.0, =0.1.0, =2.12.1, =2.12.1, =19.9.0, =19.9.1, =19.9.1, =19.9.0, =19.9.0, =19.9.0, =19.9.0, =26.3.2 and more Source cves: CVE-2026-42440 Source advisory: OSV:GHSA-659W-93R5-9J6M...
org.apache.opennlp:opennlp-distr (>=3.0.0-M1 <=3.0.0-M2) potentially affected by CVE-2026-42440 via org.apache.opennlp:opennlp-tools (>=3.0.0-M1 <=3.0.0-M2)
org.apache.opennlp:opennlp-tools MAVEN version =3.0.0-M1, =3.0.0-M1, =3.0.0-M2 Source cves: CVE-2026-42440 Source advisory: OSV:GHSA-659W-93R5-9J6M...
GHSA-CX4M-2P55-RW7J Apache OpenNLP ExtensionLoader Vulnerable to Arbitrary Class Instantiation via Model Manifest
Arbitrary Class Instantiation via Model Manifest in Apache OpenNLP ExtensionLoader Versions Affected: before 2.5.9, before 3.0.0-M3 Description: The ExtensionLoader.instantiateExtensionClass, String method loads a class by its fully-qualified name via Class.forName and invokes its no-arg...
Apache OpenNLP ExtensionLoader Vulnerable to Arbitrary Class Instantiation via Model Manifest
Arbitrary Class Instantiation via Model Manifest in Apache OpenNLP ExtensionLoader Versions Affected: before 2.5.9, before 3.0.0-M3 Description: The ExtensionLoader.instantiateExtensionClass, String method loads a class by its fully-qualified name via Class.forName and invokes its no-arg...
ae.teletronics.nlp:entityextraction (=1.3), ai.aletyx.kogito:aletyx-kogito-ai-addons-quarkus-adhoc-subprocess (>=0.1.0 <=0.2.0) +1738 more potentially affected by CVE-2026-40682 via org.apache.opennlp:opennlp-tools (>=1.5.2-incubating <=2.5.8)
org.apache.opennlp:opennlp-tools MAVEN version =1.5.2-incubating, =0.1.0, =0.1.0, =2.12.1, =2.12.1, =19.9.0, =19.9.1, =19.9.1, =19.9.0, =19.9.0, =19.9.0, =19.9.0, =26.3.2 and more Source cves: CVE-2026-40682 Source advisory: OSV:GHSA-4V8G-86X5-3VRC...
org.apache.opennlp:opennlp-distr (>=3.0.0-M1 <=3.0.0-M2) potentially affected by CVE-2026-40682 via org.apache.opennlp:opennlp-tools (>=3.0.0-M1 <=3.0.0-M2)
org.apache.opennlp:opennlp-tools MAVEN version =3.0.0-M1, =3.0.0-M1, =3.0.0-M2 Source cves: CVE-2026-40682 Source advisory: OSV:GHSA-4V8G-86X5-3VRC...