Browse all 10 CVE security advisories affecting nltk. AI-powered Chinese analysis, POCs, and references for each vulnerability.
NLTK is a Python library for natural language processing, widely used in text analysis, machine learning, and computational linguistics applications. Historically, it has been susceptible to remote code execution vulnerabilities through unsafe deserialization of pickled data, cross-site scripting flaws in web-based implementations, and privilege escalation via insecure file operations. While no major public security incidents have been widely documented, the 10 recorded CVEs highlight recurring issues related to input validation and unsafe data handling. Its extensive use in data science pipelines makes it a potential attack vector for compromising systems processing sensitive text data, particularly when untrusted inputs are processed without proper sanitization.
This page lists every published CVE security advisory associated with nltk. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.