CVE-2025-14009
Published 2026-02-18
Priority P2 · 64 · high · CVSS 3.1 8.8
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.79% (51.7th percentile)
A critical vulnerability exists in the NLTK downloader component of nltk/nltk, affecting all versions. The _unzip_iter function in nltk/downloader.py uses zipfile.extractall() without performing path validation or security checks. This allows attackers to craft malicious zip packages that, when downloaded and extracted by NLTK, can execute arbitrary code. The vulnerability arises because NLTK assumes all downloaded packages are trusted and extracts them without validation. If a malicious package contains Python files, such as __init__.py, these files are executed automatically upon import, leading to remote code execution. This issue can result in full system compromise, including file system access, network access, and potential persistence mechanisms.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | nltk | < nltk 3.9.3-1 (forky) | nltk 3.9.3-1 (forky) |
| nltk | nltk | < 3.9.3 | 3.9.3 |
| nltk | nltk | >= 0 < 3.9.3-1 | 3.9.3-1 |
| nltk | nltk | >= 0 < 3.9.3 | 3.9.3 |
| nltk | nltk_nltk | unspecified – latest | — |
| ubuntu | nltk | — | — |
Detection & IOCs (extracted from sources)
- Detect Zip Slip exploitation attempts: monitor for zip archive extraction by NLTK (nltk/downloader.py _unzip_iter) that writes files outside the intended extraction directory (path traversal sequences such as '../' in zip entry names).
- Alert on unexpected creation or overwrite of __init__.py files in NLTK data/package directories following a download/extraction event, as this is the primary RCE trigger mechanism.
- Monitor file-system write events originating from the NLTK downloader process that land outside expected NLTK data directories — indicative of a Zip Slip path-traversal payload.
- Flag NLTK installations processing untrusted or externally-sourced zip archives; the vulnerability is only exploitable when NLTK extracts zip packages from untrusted sources.
- The vulnerability is fixed in NLTK version 3.9.3-1 (Debian forky/sid). Systems running earlier versions remain vulnerable.
- NLTK assumes all downloaded packages are trusted by design; there is no built-in validation of zip contents prior to extraction, making any deployment that processes externally-sourced packages at risk.
- Red Hat-specific risk reduction: default authentication requirements lower the exploitability, but affected products (OpenShift Lightspeed, RHOAI) remain listed as affected with no available mitigation meeting Red Hat criteria.
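The advisory text says `_unzip_iter` hands each downloaded archive straight to `zipfile.extractall()`, and the detection bullets above look for two things: members that would land outside the extraction directory, and `__init__.py` files appearing in package directories. The block below is an added example, not NLTK's code and not taken from any of the advisories, showing the validation step done before extraction in Python: every member name is resolved against the destination and the whole archive is refused if any member escapes, and `.py` members are flagged so an archive that should be pure data cannot smuggle in importable code. The functions `audit_zip`, `safe_extract`, `build_archive` and `check_fixtures`, the fixture dictionaries and the package name `demo_corpus` are all hypothetical; the assumption that an NLTK data package has no reason to carry Python sources is mine.

```python
"""Added example (not NLTK's own code): audit a zip archive before extracting it.

Rejects members that would resolve outside the destination directory (Zip Slip)
and flags Python sources, the __init__.py trigger the advisory describes.
All archives below are constructed in memory; names are hypothetical.
"""
import io
import os
import tempfile
import zipfile


def audit_zip(zf: zipfile.ZipFile, dest: str) -> dict[str, list[str]]:
    """Report risky members of an open ZipFile without extracting anything.

    'traversal': names whose resolved target lies outside dest.
    'python':    *.py members (assumption: a data package carries no code).
    """
    dest_real = os.path.realpath(dest)
    report: dict[str, list[str]] = {"traversal": [], "python": []}
    for info in zf.infolist():
        name = info.filename
        # Compute where the member would land; absolute names, '..' segments
        # and symlinked parents all collapse through realpath, then insist
        # the destination is a path prefix of the result.
        target = os.path.realpath(os.path.join(dest_real, name))
        if os.path.commonpath([dest_real, target]) != dest_real:
            report["traversal"].append(name)
        if name.lower().endswith(".py"):
            report["python"].append(name)
    return report


def safe_extract(zf: zipfile.ZipFile, dest: str, allow_python: bool = False) -> list[str]:
    """Extract only after the audit passes; return the extracted member names."""
    report = audit_zip(zf, dest)
    if report["traversal"]:
        raise ValueError(f"refusing archive: members escape {dest}: {report['traversal']}")
    if report["python"] and not allow_python:
        raise ValueError(f"refusing archive: Python sources in data package: {report['python']}")
    zf.extractall(dest)
    return [info.filename for info in zf.infolist()]


def build_archive(members: dict[str, bytes]) -> zipfile.ZipFile:
    """Build an in-memory zip from {name: content}; names are written verbatim."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as writer:
        for name, data in members.items():
            writer.writestr(name, data)
    buf.seek(0)
    return zipfile.ZipFile(buf)


# Constructed fixtures (hypothetical package name, not a real NLTK package).
CLEAN_MEMBERS = {"demo_corpus/README": b"clean data", "demo_corpus/words.txt": b"a\nb\n"}
SLIP_MEMBERS = {"demo_corpus/README": b"x", "../escaped.txt": b"would land outside dest"}
CODE_MEMBERS = {"demo_corpus/__init__.py": b"# would run on import"}


def check_fixtures() -> dict[str, object]:
    """Run the three fixtures against a fresh temp dir and summarise what happened."""
    dest = tempfile.mkdtemp()
    results: dict[str, object] = {
        "clean": audit_zip(build_archive(CLEAN_MEMBERS), dest),
        "slip": audit_zip(build_archive(SLIP_MEMBERS), dest),
        "code": audit_zip(build_archive(CODE_MEMBERS), dest),
        "extracted": safe_extract(build_archive(CLEAN_MEMBERS), dest),
    }
    results["readme_exists"] = os.path.isfile(os.path.join(dest, "demo_corpus", "README"))
    for label, members in (("slip_rejected", SLIP_MEMBERS), ("code_rejected", CODE_MEMBERS)):
        try:
            safe_extract(build_archive(members), dest)
            results[label] = False
        except ValueError:
            results[label] = True
    return results


if __name__ == "__main__":
    for key, value in check_fixtures().items():
        print(f"{key}: {value}")
```

One caveat worth knowing: current CPython releases already strip leading separators and `..` components from member names inside `extractall`, so on a modern interpreter a traversal name is rewritten rather than written outside `dest`. Auditing first is still the right control, because it rejects a suspicious archive outright instead of silently extracting a rewritten version of it, and because the `__init__.py` case is about what gets imported later, which `extractall` cannot judge at all.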
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| nvd | 3.0 | 10.0 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
| osv | — | 10.0 | CRITICAL | — |
| vendor_debian | — | 10.0 | CRITICAL | — |
| vendor_redhat | — | 10.0 | CRITICAL | — |
GHSA
NLTK has a Zip Slip Vulnerability · ghsa · 2026-02-18 · CVE-2025-14009 [CRITICAL] CWE-94
Description: same text as the advisory description above.
OSV
CVE-2025-14009: A critical vulnerability exists in the NLTK downloader component of nltk/nltk, affecting all versions · osv · 2026-02-18 · CVSS 10.0 · [CRITICAL]
Description: same text as the advisory description above.
OSV
NLTK has a Zip Slip Vulnerability · osv · 2026-02-18 · CVE-2025-14009 [CRITICAL]
Description: same text as the advisory description above.
Ubuntu
NLTK vulnerability · vendor_ubuntu · 2026-04-28 · CVE-2025-14009
Title: NLTK vulnerability
Summary: NLTK could be made to crash or run programs as your login if it opened a specially crafted zip file.
It was discovered that NLTK incorrectly handled file extraction when opening a maliciously crafted zip file. An attacker could possibly use this issue to create or overwrite files on the system and execute arbitrary code.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
nltk: Zip Slip Vulnerability in nltk Leading to Code Execution · vendor_redhat · 2026-02-18 · CVSS 10.0 · CVE-2025-14009 [CRITICAL] CWE-94
Description: same text as the advisory description above.
Debian
CVE-2025-14009: nltk - A critical vulnerability exists in the NLTK downloader component of nltk/nltk, a... · vendor_debian · 2025 · CVSS 10.0 · [CRITICAL]
Description: same text as the advisory description above.
Scope: local
bookworm: open
bullseye
No detection rules found.
No public exploits indexed.
Wiz
CVE-2025-14009 Impact, Exploitability, and Mitigation Steps | Wiz · blogs_wiz · CVSS 10.0 · [CRITICAL]
CVE-2025-14009: Python vulnerability analysis and mitigation
Description: same text as the advisory description above.
Bugzilla
CVE-2025-14009 python-nltk: Zip Slip Vulnerability in nltk Leading to Code Execution [fedora-42] · bugzilla · 2026-02-18 · CVSS 10.0 · [CRITICAL]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life. Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a 'version' of '42'.
Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version,
References
- https://huntr.com/bounties/49ecbc02-054e-4470-b2e0-b267936cc4e4
- https://access.redhat.com/errata/RHSA-2026:10184
- https://access.redhat.com/security/cve/CVE-2025-14009
- https://bugzilla.redhat.com/show_bug.cgi?id=2440724
- https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14009.json