CVE-2026-0848 — Improper Input Validation in Nltk

CWE-20 — Improper Input Validation CWE-829 — Inclusion of Functionality from Untrusted Control Sphere6 documents6 sources

Severity

10.0CRITICALNVD

EPSS

0.3%

top 47.57%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nltk Debian Nltk Nltk Nltk

Timeline

PublishedMar 5

Description

NLTK versions <=3.9.2 are vulnerable to arbitrary code execution due to improper input validation in the StanfordSegmenter module. The module dynamically loads external Java .jar files without verification or sandboxing. An attacker can supply or replace the JAR file, enabling the execution of arbitrary Java bytecode at import time. This vulnerability can be exploited through methods such as model poisoning, MITM attacks, or dependency poisoning, leading to remote code execution. The issue arise…

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HExploitability: 3.9 | Impact: 6.0

Affected Packages3 packages

▶debiandebian/nltk< nltk 3.9.3-1 (forky)

▶Debiannltk/nltk< 3.9.3-1

▶CVEListV5nltk/nltk_nltkunspecified — latest

🔴Vulnerability Details

GHSA

GHSA-v2w2-xcg6-53wj: NLTK versions <=3↗2026-03-05

▶

OSV

CVE-2026-0848: NLTK versions <=3↗2026-03-05

▶

📋Vendor Advisories

Red Hat

nltk: NLTK: Arbitrary code execution via unvalidated Java Archive (JAR) file loading↗2026-03-05

▶

Debian

CVE-2026-0848: nltk - NLTK versions <=3.9.2 are vulnerable to arbitrary code execution due to improper...↗2026

▶

🕵️Threat Intelligence

Wiz

CVE-2026-0848 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶