NLTK Support & Health

GHSA-2ww3-fxvq-293j CVSS_V3

NLTK Vulnerable to REDoS

Published: 2021-09-29 Fixed in: 3.6.4

GHSA-469j-vmhf-r6v7 CVSS_V3

NLTK has a Downloader Path Traversal Vulnerability (AFO) - Arbitrary File Overwrite

Published: 2026-03-19 No fix available

GHSA-68j8-pq59-fqgm CVSS_V3

NLTK has a Path Traversal issue

Published: 2026-03-04 No fix available

GHSA-7p94-766c-hgjp CVSS_V3

NLTK has a Zip Slip Vulnerability

Published: 2026-02-18 Fixed in: 3.9.3

GHSA-cgvx-9447-vcch CVSS_V3

ntlk unsafe deserialization vulnerability

Published: 2024-06-28 Fixed in: 3.9

GHSA-f8m6-h2c7-8h9x CVSS_V3

Inefficient Regular Expression Complexity in nltk (word_tokenize, sent_tokenize)

Published: 2022-01-06 Fixed in: 3.6.6

GHSA-gfwx-w7gr-fvh7 CVSS_V3

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in nltk

Published: 2026-03-18 Fixed in: 3.9.4

GHSA-h8wq-7xc4-p3qx CVSS_V3

NLTK has Arbitrary File Read via Absolute Path Input in nltk.util.filestring()

Published: 2026-03-09 Fixed in: 3.9.3

GHSA-jm6w-m3j8-898g CVSS_V3

Unauthenticated remote shutdown in nltk.app.wordnet_app

Published: 2026-03-19 Fixed in: 3.9.4

GHSA-mr7p-25v2-35wr CVSS_V3

NLTK Vulnerable To Path Traversal

Published: 2019-08-23 Fixed in: 3.4.5

NLTK