
CVE-2026-12243 (HIGH, 7.5, CVSS 3.0)
Description
NLTK version 3.9.4 is vulnerable to a path traversal attack due to an incomplete fix for GitHub Issue #3504. The `_UNSAFE_NO_PROTOCOL_RE` regex in `nltk/data.py` checks for literal `../` sequences but fails to account for percent-encoded traversal sequences such as `..%2f`. The `url2pathname()` function decodes these sequences after the validation step, allowing an attacker to bypass the protection. This vulnerability enables an attacker to read arbitrary files accessible to the Python process by controlling the resource name parameter passed to `nltk.data.load()` or `nltk.data.find()`. The issue affects applications that rely on NLTK for resource loading, including NLP web applications, Jupyter notebooks, and CLI tools. The default `pathsec.ENFORCE=False` setting exacerbates the impact by not blocking the file read at the `open()` stage.
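The root cause described above is an ordering problem: the traversal check runs on the raw resource name, and only afterwards does `url2pathname()` percent-decode it, so a name containing `..%2f` passes the check and becomes `../` later. The following is an added illustration written for this page; it is not NLTK's code and does not reproduce `_UNSAFE_NO_PROTOCOL_RE`. It places a naive raw-string check (the pattern the advisory calls insufficient) beside a hardened check that decodes to a fixed point first, normalises the path, and rejects anything that escapes the resource root. The resource names used are constructed samples, and the function names and the regex are assumptions made for the example.

```python
"""Decode-then-validate resource-name check (added example, not NLTK's code)."""
import posixpath
import re
from urllib.parse import unquote

# Naive pattern: only a literal parent-directory segment in the raw string.
# This is an illustrative stand-in, not the regex from nltk/data.py.
_LITERAL_TRAVERSAL_RE = re.compile(r"(^|/)\.\.(/|$)")


def naive_is_safe(resource_name: str) -> bool:
    """Reject only literal '../' sequences; percent-encoded forms slip through."""
    return _LITERAL_TRAVERSAL_RE.search(resource_name) is None


def fully_decode(value: str, max_rounds: int = 5) -> str:
    """Percent-decode until the value stops changing.

    Decoding once is not enough: '%252e' decodes to '%2e', which decodes to '.'.
    A bounded loop reaches the fixed point and refuses pathological nesting.
    """
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            return decoded
        value = decoded
    raise ValueError("excessive nested percent-encoding")


def hardened_is_safe(resource_name: str) -> bool:
    """Validate the decoded, normalised form instead of the raw string.

    Because any later decoding step (url2pathname() in the advisory) would
    otherwise expose traversal segments the raw check never examined, the
    check here is done on the same form that will reach the filesystem.
    """
    try:
        decoded = fully_decode(resource_name)
    except ValueError:
        return False
    if "\x00" in decoded:
        return False
    decoded = decoded.replace("\\", "/")  # treat backslashes as separators too
    first = decoded.split("/", 1)[0]
    if decoded.startswith("/") or ":" in first:
        return False  # absolute path, drive letter or URL-style scheme prefix
    normalised = posixpath.normpath(decoded)
    # After normalisation, any remaining leading '..' escapes the resource root.
    return not (normalised == ".." or normalised.startswith("../"))


def resolve_under(base_dir: str, resource_name: str):
    """Return the path under base_dir for a validated name, or None if rejected.

    base_dir is an assumed resource root; the check is purely lexical and does
    not follow symlinks, so callers should still confine the real open() path.
    """
    if not hardened_is_safe(resource_name):
        return None
    cleaned = posixpath.normpath(fully_decode(resource_name).replace("\\", "/"))
    return posixpath.join(base_dir, cleaned)


if __name__ == "__main__":
    # Constructed sample names: one benign, the rest traversal attempts.
    samples = [
        "tokenizers/punkt/english.pickle",
        "../etc/passwd",
        "..%2f..%2fetc/passwd",
        "%252e%252e/etc/passwd",
    ]
    for name in samples:
        print(f"{name!r:32} naive={naive_is_safe(name)!s:5} hardened={hardened_is_safe(name)}")
```

The point the table of results makes is that the naive check and the hardened check disagree exactly on the encoded forms: the literal `../` case is caught by both, while `..%2f` and the double-encoded variant pass the raw-string check and are only rejected once validation happens on the decoded path. Detection can use the same idea in reverse: log or alert on resource names whose decoded form differs from the raw form and contains a parent-directory segment.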

Metadata

CVE ID
CVE-2026-12243
State
PUBLISHED
Assigner
@huntr_ai
Reserved
2026-06-15 06:24 UTC
Published
2026-06-30 00:14 UTC
Last updated
2026-06-30 00:14 UTC
Primary CWE
CWE-22
CWE-22 Improper Limitation of a Pathname to a Restricted Dir…
Vendor / Product
nltk / nltk/nltk
Sources
cve.org  ·  NVD

Severity & Metrics

7.5 HIGH CVSS 3.0
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected products (1)
Vendor | Product   | Platform    | Versions
nltk   | nltk/nltk | unspecified | ≤ latest
Weakness (CWE)
CWE    | Source | Description
CWE-22 | cna    | CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSS scores (1)
Score | Severity | Version | Source | Vector
7.5   | HIGH     | 3.0     | cna    | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N