[Git][security-tracker-team/security-tracker][master] Add CVE-2026-54293/nltk

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jun 22 21:01:41 BST 2026



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7e8727bd by Salvatore Bonaccorso at 2026-06-22T22:01:22+02:00
Add CVE-2026-54293/nltk

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -79,7 +79,9 @@ CVE-2026-54299 (Astro is a web framework. Prior to 6.4.6, Astro SSR apps with pr
 CVE-2026-54298 (Astro is a web framework. Prior to 6.4.6, the spreadAttributes functio ...)
 	NOT-FOR-US: Astro
 CVE-2026-54293 (NLTK (Natural Language Toolkit) is a suite of open source Python modul ...)
-	TODO: check
+	- nltk <unfixed>
+	NOTE: https://github.com/nltk/nltk/security/advisories/GHSA-p4gq-832x-fm9v
+	NOTE: https://github.com/nltk/nltk/pull/3575
 CVE-2026-54290 (Hono is a Web application framework that provides support for any Java ...)
 	NOT-FOR-US: Hono
 CVE-2026-54289 (Hono is a Web application framework that provides support for any Java ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7e8727bd41d9f37d40cb07f9342041b3daf45740

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7e8727bd41d9f37d40cb07f9342041b3daf45740
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260622/dd562ba4/attachment.htm>


More information about the debian-security-tracker-commits mailing list