CVE-2026-0846
HIGHCVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
Lifecycle Timeline
2Description
A vulnerability in the `filestring()` function of the `nltk.util` module in nltk version 3.9.2 allows arbitrary file read due to improper validation of input paths. The function directly opens files specified by user input without sanitization, enabling attackers to access sensitive system files by providing absolute paths or traversal paths. This vulnerability can be exploited locally or remotely, particularly in scenarios where the function is used in web APIs or other interfaces that accept user-supplied input.
Analysis
Unsafe path handling in NLTK's filestring() function enables attackers to read arbitrary files on affected iOS and AI/ML systems through improper input validation. An unauthenticated attacker can exploit this over the network by supplying directory traversal or absolute paths to access sensitive data, with particular risk in deployments exposing the function through web APIs. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Identify all systems and applications using NLTK 3.9.2 and assess exposure; document findings in your vulnerability management system and notify relevant application owners. Within 7 days: Implement compensating controls (disable filestring() function if unused, apply WAF rules to block suspicious file access patterns, restrict NLTK process permissions); evaluate upgrading to a patched version if available from vendor. …
Sign in for detailed remediation steps.
Priority Score
Vendor Status
Share
External POC / Exploit Code
Leaving vuln.today