CVE-2026-12243: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in nltk nltk/nltk
NLTK version 3.9.4 contains a path traversal vulnerability due to improper handling of percent-encoded sequences in resource paths. The vulnerability allows attackers to bypass pathname restrictions and read arbitrary files accessible to the Python process by exploiting how resource names are validated and decoded. This affects applications using NLTK for resource loading, including NLP web apps, Jupyter notebooks, and CLI tools. The default configuration setting further increases risk by not enforcing file read restrictions at the open stage.
AI Analysis
Technical Summary
CVE-2026-12243 is a path traversal vulnerability in NLTK 3.9.4 caused by an incomplete fix for a previous issue. The regex `_UNSAFE_NO_PROTOCOL_RE` in `nltk/data.py` only checks for literal '../' sequences but does not detect percent-encoded traversal sequences like '..%2f'. Since `url2pathname()` decodes these sequences after validation, an attacker can bypass the pathname restriction and cause arbitrary file reads via the `resource_name` parameter in `nltk.data.load()` or `nltk.data.find()`. The vulnerability is exacerbated by the default setting `pathsec.ENFORCE=False`, which does not block file reads at the open() call.
Potential Impact
An attacker can read arbitrary files accessible to the Python process by supplying crafted resource names that include percent-encoded path traversal sequences. This can lead to unauthorized disclosure of sensitive information in applications that use NLTK for resource loading. The vulnerability does not allow code execution or denial of service but poses a confidentiality risk.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until a fix is available, users should consider manually validating and sanitizing resource names passed to `nltk.data.load()` and `nltk.data.find()`. Additionally, enabling stricter enforcement of pathname restrictions if configurable (e.g., setting `pathsec.ENFORCE=True`) may reduce risk. Monitor official NLTK channels for updates and apply patches once released.
CVE-2026-12243: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in nltk nltk/nltk
Description
NLTK version 3.9.4 contains a path traversal vulnerability due to improper handling of percent-encoded sequences in resource paths. The vulnerability allows attackers to bypass pathname restrictions and read arbitrary files accessible to the Python process by exploiting how resource names are validated and decoded. This affects applications using NLTK for resource loading, including NLP web apps, Jupyter notebooks, and CLI tools. The default configuration setting further increases risk by not enforcing file read restrictions at the open stage.
CVSS v3.0
Score 7.5high
Affected software
Run on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-12243 is a path traversal vulnerability in NLTK 3.9.4 caused by an incomplete fix for a previous issue. The regex `_UNSAFE_NO_PROTOCOL_RE` in `nltk/data.py` only checks for literal '../' sequences but does not detect percent-encoded traversal sequences like '..%2f'. Since `url2pathname()` decodes these sequences after validation, an attacker can bypass the pathname restriction and cause arbitrary file reads via the `resource_name` parameter in `nltk.data.load()` or `nltk.data.find()`. The vulnerability is exacerbated by the default setting `pathsec.ENFORCE=False`, which does not block file reads at the open() call.
Potential Impact
An attacker can read arbitrary files accessible to the Python process by supplying crafted resource names that include percent-encoded path traversal sequences. This can lead to unauthorized disclosure of sensitive information in applications that use NLTK for resource loading. The vulnerability does not allow code execution or denial of service but poses a confidentiality risk.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until a fix is available, users should consider manually validating and sanitizing resource names passed to `nltk.data.load()` and `nltk.data.find()`. Additionally, enabling stricter enforcement of pathname restrictions if configurable (e.g., setting `pathsec.ENFORCE=True`) may reduce risk. Monitor official NLTK channels for updates and apply patches once released.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- @huntr_ai
- Date Reserved
- 2026-06-15T06:24:30.096Z
- Cvss Version
- 3.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a431a1b27e9c7971945a790
Added to database: 06/30/2026, 01:21:31 UTC
Last enriched: 06/30/2026, 01:36:19 UTC
Last updated: 06/30/2026, 03:23:15 UTC
Views: 21
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.