CVE-2026-0846

HIGH

nltk 3.9.2 - Path Traversal

Title source: llm

Description

A vulnerability in the `filestring()` function of the `nltk.util` module in nltk version 3.9.2 allows arbitrary file read due to improper validation of input paths. The function directly opens files specified by user input without sanitization, enabling attackers to access sensitive system files by providing absolute paths or traversal paths. This vulnerability can be exploited locally or remotely, particularly in scenarios where the function is used in web APIs or other interfaces that accept user-supplied input.

References (1)

[Exploit, Third Party Advisory] https://huntr.com/bounties/007b84f8-418e-4300-99d0-bf504c2f97eb

Scores

CVSS v3 7.5

EPSS 0.0009

EPSS Percentile 25.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-36

Status published

Products (3)

nltk/nltk 3.9.2

nltk/nltk/nltk unspecified - latest

pypi/nltk 0 - 3.9.3PyPI

Published Mar 09, 2026

Tracked Since Mar 10, 2026