CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

Ubuntu•added 2026/05/25 3:53 p.m.•13 views

USN-8302-1: NLTK vulnerabilities

It was discovered that NLTK incorrectly validated file paths when opening files using the nltk.util module. An attacker could possibly use this issue to obtain sensitive information. CVE-2026-0846 It was discovered that NLTK incorrectly validated file paths in multiple CorpusReader classes. An...

10CVSS7AI score0.00777EPSS

Exploits10

SUSE CVE•added 2026/03/24 12:24 a.m.•8 views

SUSE CVE-2026-33236

NLTK Natural Language Toolkit is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. In versions 3.9.3 and prior, the NLTK downloader does not validate the subdir and id attributes when processing remote XML index...

8.1CVSS6AI score0.00397EPSS

Exploits1References3

NVD•added 2026/03/20 11:16 p.m.•7 views

CVE-2026-33236

8.1CVSS0.00397EPSS

Exploits1References2

OSV•added 2026/03/20 11:16 p.m.•3 views

UBUNTU-CVE-2026-33236

8.1CVSS6AI score0.00397EPSS

Exploits1References5

CVE•added 2026/03/20 10:47 p.m.•12 views

CVE-2026-33236

CVE-2026-33236 affects the NLTK downloader in versions up to 3.9.3, where remote XML index processing does not validate the subdir and id attributes. This allows an attacker-controlled XML index server to supply path traversal values (e.g., ../) that can lead to arbitrary directory creation, file...

8.1CVSS5.9AI score0.00397EPSS

Exploits1References2Affected Software1