[Git][security-tracker-team/security-tracker][master] Add CVE-2026-0848/nltk
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Mar 6 21:35:22 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
900d9d8f by Salvatore Bonaccorso at 2026-03-06T22:35:00+01:00
Add CVE-2026-0848/nltk
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -574,7 +574,8 @@ CVE-2026-21536 (Microsoft Devices Pricing Program Remote Code Execution Vulnerab
CVE-2026-1128 (The WP eCommerce WordPress plugin through 3.15.1 does not have CSRF ch ...)
NOT-FOR-US: WordPress plugin
CVE-2026-0848 (NLTK versions <=3.9.2 are vulnerable to arbitrary code execution due t ...)
- TODO: check
+ - nltk <unfixed>
+ NOTE: https://huntr.com/bounties/08b109bb-ac24-403f-9422-1c246ce60202
CVE-2025-70995 (An issue in Aranda Service Desk Web Edition (ASDK API 8.6) allows auth ...)
NOT-FOR-US: Aranda Service Desk Web Edition
CVE-2025-70949 (An observable timing discrepancy in @perfood/couch-auth v0.26.0 allows ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/900d9d8f3a0413fa91d4baf447a4420180ffc2d8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/900d9d8f3a0413fa91d4baf447a4420180ffc2d8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260306/fe2eb749/attachment.htm>
More information about the debian-security-tracker-commits
mailing list