Lucene search
K

4 matches found

OSV
OSV
added 2026/06/30 1:16 a.m.4 views

UBUNTU-CVE-2026-12243

NLTK version 3.9.4 is vulnerable to a path traversal attack due to an incomplete fix for GitHub Issue 3504. The UNSAFENOPROTOCOLRE regex in nltk/data.py checks for literal ../ sequences but fails to account for percent-encoded traversal sequences such as ..%2f. The url2pathname function decodes...

7.5CVSS7.2AI score0.0051EPSS
Exploits1References3
Packet Storm
Packet Storm
added 2026/04/24 12:0 a.m.158 views

📄 NLTK 3.9.2 Path Traversal / File Disclosure

NLTK version 3.9.2 suffers from a path traversal vulnerability that allows for file disclosure. ================================================================================================================================== | Title : NLTK 3.9.2 Path Traversal - File Disclosure Exploit | | Auth...

8.6CVSS5.4AI score0.00924EPSS
Exploits3
vulnersOsv
vulnersOsv
added 2026/03/19 12:42 p.m.6 views

01os (=0.0.14), aa-rag (>=0.4.2 <=0.4.3) +928 more potentially affected by CVE-2026-33231 via nltk (>=2.0.4 <=3.9.3)

nltk PYPI version =2.0.4, =0.4.2, =0.2.3, =0.2.0, =0.0.4, =0.0.1, =0.1.0, =0.1.0, =0.0.9, =0.1.0 and more Source cves: CVE-2026-33231 Source advisory: OSV:GHSA-JM6W-M3J8-898G...

7.5CVSS6.7AI score0.00875EPSS
Exploits1
EUVD
EUVD
added 2026/03/09 9:31 p.m.8 views

EUVD-2026-10351

A vulnerability in the filestring function of the nltk.util module in nltk version 3.9.2 allows arbitrary file read due to improper validation of input paths. The function directly opens files specified by user input without sanitization, enabling attackers to access sensitive system files by...

8.6CVSS5.9AI score0.00428EPSS
Exploits1References2
Rows per page
Query Builder