PT-2026-26300 · Nltk+2

Published: 2026-03-19 · Updated: 2026-06-03 · CVE-2026-33236

CVSS v3.1: 8.1 (High)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
Name of the Vulnerable Software and Affected Versions: NLTK versions 3.9.3 and prior
Description: NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. The NLTK downloader does not validate the subdir and id attributes when processing remote XML index files, so an attacker who controls a remote XML index server can supply values containing path traversal sequences (such as ../). Successful exploitation can lead to arbitrary directory creation, arbitrary file creation, and arbitrary file overwrite. The key code locations involved are the XML parsing without validation in nltk/downloader.py:253, path construction without checks in nltk/downloader.py:679, unrestricted directory creation in nltk/downloader.py:687, and file writing without protection in nltk/downloader.py:695. The attack chain is: an attacker controls a remote XML index server, serves a malicious index file whose entries contain path traversal sequences, and the victim runs the downloader against that index, which can result in system file overwrites.
Recommendations: Versions prior to 3.9.4 are affected; upgrade to NLTK 3.9.4 or later.
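As an added example (not NLTK's own code and not the project's actual fix), this is the kind of containment check a downloader should apply to index-supplied subdir and id values before building paths: each value must be a single plain path component, and the resolved destination must stay under the download root. The XML sample is constructed; the element and attribute names (package, id, subdir) and the assumption that both values are single components are assumptions of this example.

```python
import os
import xml.etree.ElementTree as ET

# Constructed sample index (not NLTK's real index.xml). Two entries carry
# traversal sequences in the attributes the advisory names: id and subdir.
SAMPLE_INDEX = """<?xml version="1.0"?>
<nltk_data>
  <packages>
    <package id="punkt" subdir="tokenizers" url="https://example.invalid/punkt.zip"/>
    <package id="../../.bashrc" subdir="tokenizers" url="https://example.invalid/x.zip"/>
    <package id="evil" subdir="../../../etc" url="https://example.invalid/y.zip"/>
  </packages>
</nltk_data>
"""

def is_safe_component(value):
    """A subdir/id must be one plain path component: not empty, not '.' or
    '..', no separators, not absolute (assumption: NLTK-style single names)."""
    if not value or value in (".", ".."):
        return False
    if "/" in value or "\\" in value or os.path.isabs(value):
        return False
    return True

def resolve_package_path(download_dir, subdir, id_):
    """Build the destination path and verify it stays inside download_dir.
    The containment check is defence in depth: even if the component check
    were bypassed, anything resolving outside the root is rejected."""
    if not is_safe_component(subdir) or not is_safe_component(id_):
        raise ValueError(f"rejected index entry: subdir={subdir!r} id={id_!r}")
    root = os.path.realpath(download_dir)
    dest = os.path.realpath(os.path.join(root, subdir, id_ + ".zip"))
    if os.path.commonpath([root, dest]) != root:
        raise ValueError(f"path escapes download dir: {dest}")
    return dest

def validate_index(xml_text, download_dir):
    """Return (accepted, rejected) lists of package ids from an index document,
    applying the path checks before any directory or file would be created."""
    accepted, rejected = [], []
    for pkg in ET.fromstring(xml_text).iter("package"):
        id_, subdir = pkg.get("id", ""), pkg.get("subdir", "")
        try:
            resolve_package_path(download_dir, subdir, id_)
            accepted.append(id_)
        except ValueError:
            rejected.append(id_)
    return accepted, rejected

if __name__ == "__main__":
    print(validate_index(SAMPLE_INDEX, "/tmp/nltk_data"))
```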

Exploit

Fix

Path traversal


Weakness Enumeration

Related Identifiers

CVE-2026-33236
ECHO-85D4-7FA8-A8C9
GHSA-469J-VMHF-R6V7
USN-8302-1

Affected Products

Linuxmint
Nltk
Ubuntu