CVE-2026-0846 Arbitrary File Read via Absolute Path Input in nltk.util.filestring()

A vulnerability in the filestring function of the nltk.util module in nltk version 3.9.2 allows arbitrary file read due to improper validation of input paths. The function directly opens files specified by user input without sanitization, enabling attackers to access sensitive system files by...