CVE-2025-14009 Zip Slip Vulnerability in nltk/nltk Leading to Remote Code Execution

A critical vulnerability exists in the NLTK downloader component of nltk/nltk, affecting all versions. The unzipiter function in nltk/downloader.py uses zipfile.extractall without performing path validation or security checks. This allows attackers to craft malicious zip packages that, when...

GitHub Desktop (MacOS) Code Execution Vulnerability

Github Desktop is an application that allows users to interact with GitHub using a GUI rather than a command line or web browser.The GitHub Desktop macOS code execution vulnerability allows attackers to use URLs such as smb or openlocalrepo to implement a 1 click RCE attack, which results in code...