CVE-2026-0846

Source
https://cve.org/CVERecord?id=CVE-2026-0846
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-0846.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-0846
Aliases
Downstream
Published
2026-03-09T19:19:09.464Z
Modified
2026-07-16T03:31:17.580543616Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
Arbitrary File Read via Absolute Path Input in nltk.util.filestring()
Details

A vulnerability in the filestring() function of the nltk.util module in nltk version 3.9.2 allows arbitrary file read due to improper validation of input paths. The function directly opens files specified by user input without sanitization, enabling attackers to access sensitive system files by providing absolute paths or traversal paths. This vulnerability can be exploited locally or remotely, particularly in scenarios where the function is used in web APIs or other interfaces that accept user-supplied input.

Database specific
{
    "cwe_ids": [
        "CWE-36"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/0xxx/CVE-2026-0846.json",
    "cna_assigner": "@huntr_ai"
}
References

Affected packages

Git / github.com/nltk/nltk

Affected ranges

Type
GIT
Repo
https://github.com/nltk/nltk
Events
Database specific
{
    "cpe": "cpe:2.3:a:nltk:nltk:3.9.2:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "3.9.2"
        },
        {
            "last_affected": "3.9.2"
        }
    ],
    "source": "CPE_STRING"
}

Affected versions

3.*
3.9.2
v3.*
v3.9.2

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-0846.json"