CVE-2026-12252 | nltk up to 3.9.3 Stanford Interface code injection (EUVD-2026-41656)
A vulnerability categorized as critical has been discovered in nltk up to 3.9.3. This vulnerability affects the function StanfordPOSTagger/StanfordNERTagger/StanfordParser/StanfordDependencyParser/StanfordNeuralDependencyParser of the component Stanford Interface. Executing a manipulation can lead to code injection.
This vulnerability appears as CVE-2026-12252. The attack requires local access. There is no available exploit.
It is advisable to upgrade the affected component.VulDB Recent EntriesRead More