pkg:PyPI/nltk

All known vulnerabilities

• CRITICAL10.0CVE-2026-0848NLTK versions <=3.9.2 are vulnerable to arbitrary code execution due to improper input validation in the StanfordSegmenter module.
  from 0, < 3.9.3
• CRITICAL10.0CVE-2025-14009NLTK has a Zip Slip Vulnerability
  from 0, < 3.9.3
• CRITICAL10.0CVE-2025-14009NLTK has a Zip Slip Vulnerability
  from 0, < 3.9.3
• HIGH8.6NLTK has Arbitrary File Read via Absolute Path Input in nltk.util.filestring()
  from 0, < 3.9.3
• HIGH8.6NLTK has Arbitrary File Read via Absolute Path Input in nltk.util.filestring()
  from 0, <= 3.9.2
• HIGH8.6NLTK has a Path Traversal issue
  from 0, < 3.9.3
• HIGH8.6NLTK has a Path Traversal issue
  from 0, <= 3.9.2
• HIGH8.1NLTK has a Downloader Path Traversal Vulnerability (AFO) - Arbitrary File Overwrite
  from 0, <= 3.9.2
• HIGH7.5Unauthenticated remote shutdown in nltk.app.wordnet_app
  from 0, < 3.9.4
• HIGH7.5ntlk unsafe deserialization vulnerability
  from 0, < 3.9
• HIGH7.5ntlk unsafe deserialization vulnerability
  from 0, < 3.9
• HIGH7.5NLTK Vulnerable to REDoS
  from 0, < 3.6.6
• HIGH7.5NLTK Vulnerable to REDoS
  from 0, < 2a50a3edc9d35f57ae42a921c621edc160877f4d | from 0, < 3.6.6
• HIGH7.5Inefficient Regular Expression Complexity in nltk (word_tokenize, sent_tokenize)
  from 0, < 1405aad979c6b8080dbbc8e0858f89b2e3690341 | from 0, < 3.6.5
• HIGH7.5Inefficient Regular Expression Complexity in nltk (word_tokenize, sent_tokenize)
  from 0, < 3.6.6
• HIGH7.5NLTK Vulnerable to REDoS
  from 0, < 3.6.4
• HIGH7.5NLTK Vulnerable to REDoS
  from 0, < 277711ab1dec729e626b27aab6fa35ea5efbd7e6 | from 0, < 3.6.4
• HIGH7.5NLTK Vulnerable To Path Traversal
  from 0, < 3.4.5
• HIGH7.5NLTK Vulnerable To Path Traversal
  from 0, < f59d7ed8df2e0e957f7f247fe218032abdbe9a10 | from 0, < 3.4.5
• MEDIUM6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in nltk
  from 0, < 3.9.4