CRITICAL 10.0 PyPI
PYSEC-2026-96 · CVE-2025-14009, GHSA-7p94-766c-hgjp Modified: 5/20/2026
package
PyPI / nltk
pkg:pypi/nltk
HIGH 7.5 PyPI
PYSEC-2026-97 · CVE-2026-0846, GHSA-h8wq-7xc4-p3qx Modified: 5/21/2026
HIGH 7.5 PyPI
PYSEC-2026-98 · CVE-2026-0847, GHSA-68j8-pq59-fqgm Modified: 5/20/2026
CRITICAL 10.0 PyPI
PYSEC-2026-99 · CVE-2026-0848 Modified: 5/20/2026
HIGH 7.5 PyPI
GHSA-2ww3-fxvq-293j · CVE-2021-3828, PYSEC-2021-356 NLTK Vulnerable to REDoS
Modified: 10/7/2024
HIGH 8.1 PyPI
GHSA-469j-vmhf-r6v7 · CVE-2026-33236 NLTK has a Downloader Path Traversal Vulnerability (AFO) - Arbitrary File Overwrite
Modified: 3/25/2026
HIGH 8.6 PyPI
GHSA-68j8-pq59-fqgm · CVE-2026-0847, PYSEC-2026-98 NLTK has a Path Traversal issue
Modified: 6/8/2026
CRITICAL 10.0 PyPI
GHSA-7p94-766c-hgjp · CVE-2025-14009, PYSEC-2026-96 NLTK has a Zip Slip Vulnerability
Modified: 6/6/2026
HIGH 7.5 PyPI
GHSA-cgvx-9447-vcch · CVE-2024-39705, PYSEC-2024-167 ntlk unsafe deserialization vulnerability
Modified: 2/4/2026
HIGH 7.5 PyPI
GHSA-f8m6-h2c7-8h9x · CVE-2021-43854, PYSEC-2021-859 Inefficient Regular Expression Complexity in nltk (word_tokenize, sent_tokenize)
Modified: 3/13/2026
MEDIUM 6.1 PyPI
GHSA-gfwx-w7gr-fvh7 · CVE-2026-33230 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in nltk
Modified: 3/25/2026
HIGH 8.6 PyPI
GHSA-h8wq-7xc4-p3qx · CVE-2026-0846, PYSEC-2026-97 NLTK has Arbitrary File Read via Absolute Path Input in nltk.util.filestring()
Modified: 6/8/2026
HIGH 7.5 PyPI
GHSA-jm6w-m3j8-898g · CVE-2026-33231 Unauthenticated remote shutdown in nltk.app.wordnet_app
Modified: 5/5/2026
HIGH 7.5 PyPI
GHSA-mr7p-25v2-35wr · CVE-2019-14751, PYSEC-2019-106 NLTK Vulnerable To Path Traversal
Modified: 10/7/2024
MEDIUM PyPI
GHSA-rf74-v2fm-23pw Natural Language Toolkit (NLTK) has unbounded recursion in JSONTaggedDecoder.decode_obj() may cause DoS
Modified: 3/25/2026
HIGH 7.5 PyPI
GHSA-rqjh-jp2r-59cj · CVE-2021-3842, PYSEC-2022-5 NLTK Vulnerable to REDoS
Modified: 9/26/2024
— PyPI
PYSEC-2019-106 · CVE-2019-14751, GHSA-mr7p-25v2-35wr Modified: 11/8/2023
— PyPI
PYSEC-2021-356 · CVE-2021-3828, GHSA-2ww3-fxvq-293j Modified: 11/8/2023
— PyPI
PYSEC-2021-859 · CVE-2021-43854, GHSA-f8m6-h2c7-8h9x Modified: 11/8/2023
— PyPI
PYSEC-2022-5 · CVE-2021-3842, GHSA-rqjh-jp2r-59cj Modified: 11/8/2023
— PyPI
PYSEC-2024-167 · CVE-2024-39705, GHSA-cgvx-9447-vcch Modified: 1/18/2025