8 matches found
Security Bulletin: Multiple Vulnerabilities in NLTK bundled with IBM Fusion, IBM Fusion HCI, and IBM Fusion Content-Aware Storage
Summary IBM Fusion, IBM Fusion HCI, and IBM Fusion Content-Aware Storage include the Natural Language Toolkit NLTK library, which is susceptible to several critical security vulnerabilities. These flaws could allow a remote attacker to execute arbitrary code, perform arbitrary file reads via path...
📄 NLTK 3.9.2 Path Traversal / File Disclosure
NLTK version 3.9.2 suffers from a path traversal vulnerability that allows for file disclosure. ================================================================================================================================== | Title : NLTK 3.9.2 Path Traversal - File Disclosure Exploit | | Auth...
Mageia: Security Advisory (MGASA-2026-0057)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
python311-nltk-3.9.3-1.1 on GA media (moderate)
python311-nltk-3.9.3-1.1 on GA media Announcement ID: openSUSE-SU-2026:10304-1 Rating: moderate Cross-References: CVE-2026-0847 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...
01os (=0.0.14), aa-rag (>=0.4.2 <=0.4.3) +924 more potentially affected by CVE-2026-0847 via nltk (>=2.0.4 <=3.9.2)
nltk PYPI version =2.0.4, =0.4.2, =0.2.3, =0.2.0, =0.0.4, =0.0.1, =0.1.0, =0.1.0, =0.0.9, =0.1.0 and more Source cves: CVE-2026-0847 Source advisory: OSV:GHSA-68J8-PQ59-FQGM...
01os (=0.0.14), aa-rag (>=0.4.2 <=0.4.3) +924 more potentially affected by CVE-2026-0847 via nltk (>=2.0.4 <=3.9.2)
nltk PYPI version =2.0.4, =0.4.2, =0.2.3, =0.2.0, =0.0.4, =0.0.1, =0.1.0, =0.1.0, =0.0.9, =0.1.0 and more Source cves: CVE-2026-0847 Source advisory: OSV:PYSEC-2026-98...
CVE-2026-0847
A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in multiple CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReader. These classes fail to properly sanitize or validate file paths, enabling...
01os (=0.0.14), aa-rag (>=0.4.2 <=0.4.3) +922 more potentially affected by CVE-2026-0847 via nltk (>=3.0.0 <=3.9.2)
nltk PYPI version =3.0.0, =0.4.2, =0.2.3, =0.2.0, =0.0.4, =0.0.1, =0.1.0, =0.1.0, =0.0.9, =0.1.0 and more Source cves: CVE-2026-0847 Source advisory: SNYK:PYTHON-NLTK-15460762...