PatchSiren cyber security CVE debrief
CVE-2026-33231 nltk CVE debrief
CVE-2026-33231 is a high-severity denial of service vulnerability in the Natural Language Toolkit (NLTK) library, specifically affecting the wordnet_app feature in versions 3.9.3 and prior. An unauthenticated remote attacker can cause the local WordNet Browser HTTP server to shut down immediately by sending a specially crafted GET request. This vulnerability has been patched in a recent commit. Users should update to the latest version to mitigate this issue. The vulnerability has a CVSS score of 7.5 and is considered high severity.
- Vendor: nltk
- Product: Unknown
- CVSS: HIGH 7.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-03-20
- Original CVE updated: 2026-06-30
- Advisory published: 2026-03-20
- Advisory updated: 2026-06-30
Who should care
Developers and administrators using NLTK version 3.9.3 or earlier should be aware of this vulnerability. Additionally, security teams and researchers monitoring for potential denial of service attacks against NLTK-based applications should also take note. Red Hat users may find additional information in errata RHSA-2026:19712 and RHSA-2026:24977.
Technical summary
The NLTK library's wordnet_app feature, when started in its default mode, is vulnerable to a denial of service attack. A simple GET request to /SHUTDOWN%20THE%20SERVER can cause the process to terminate immediately via os._exit(0). This issue has been patched in commit bbaae83db86a0f49e00f5b0db44a7254c268de9b. The vulnerability is tracked as CWE-306 and has a CVSS vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.
Defensive priority
This vulnerability should be prioritized for remediation due to its high severity and potential for exploitation. Affected users should update to the patched version as soon as possible.
Recommended defensive actions
- Update NLTK to the latest version to apply the patch.
- Review and restrict access to the WordNet Browser HTTP server.
- Monitor for suspicious GET requests to /SHUTDOWN%20THE%20SERVER.
- Consider implementing additional security measures for NLTK-based applications.
- Review application logs for signs of exploitation attempts.
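The log-review actions above can be scripted. The following Python snippet is an added example (not code from NLTK or from this advisory): it parses a few constructed access-log lines in Common Log Format, as a reverse proxy placed in front of the WordNet Browser server might record them, percent-decodes each request target, and flags GET requests whose decoded path is the shutdown path named in the technical summary. The log format, the sample IP addresses and timestamps, and the case-insensitive comparison are assumptions made here for illustration, not details taken from the advisory.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines (Common Log Format); not real traffic.
SAMPLE_LOG = """\
127.0.0.1 - - [20/Mar/2026:10:00:01 +0000] "GET /wn?word=dog HTTP/1.1" 200 5120
203.0.113.7 - - [20/Mar/2026:10:00:05 +0000] "GET /SHUTDOWN%20THE%20SERVER HTTP/1.1" 200 0
127.0.0.1 - - [20/Mar/2026:10:00:09 +0000] "GET /favicon.ico HTTP/1.1" 404 0
203.0.113.7 - - [20/Mar/2026:10:00:12 +0000] "GET /shutdown%20the%20server?x=1 HTTP/1.1" 200 0
"""

# Common Log Format: client, ident, user, [timestamp], "METHOD target proto", status, size.
CLF_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# Decoded form of the path from the advisory (/SHUTDOWN%20THE%20SERVER).
SHUTDOWN_PATH = "/SHUTDOWN THE SERVER"


def parse_line(line):
    """Return the fields of one CLF line as a dict, or None if it does not parse."""
    m = CLF_RE.match(line)
    return m.groupdict() if m else None


def is_shutdown_request(method, target):
    """True when a GET's decoded path (query string dropped) is the shutdown path.

    Percent-decoding catches alternative encodings of the same path; the
    case-insensitive comparison is a detection choice made here, not a
    statement about how the server itself matches the path.
    """
    path = unquote(target.split("?", 1)[0])
    return method == "GET" and path.upper() == SHUTDOWN_PATH


def find_shutdown_attempts(log_text):
    """Return (ip, timestamp, raw target, status) for every flagged request."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and is_shutdown_request(rec["method"], rec["target"]):
            hits.append((rec["ip"], rec["ts"], rec["target"], rec["status"]))
    return hits


if __name__ == "__main__":
    for ip, ts, target, status in find_shutdown_attempts(SAMPLE_LOG):
        print(f"{ts} {ip} requested {target!r} (status {status})")
```

Run against a real log, any hit from an address other than the loopback interface is a strong indicator that the server was reachable from outside the host, which is the condition the "restrict access" action above is meant to remove.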
Evidence notes
The CVE record and NVD detail provide the official information about the vulnerability. Additional references from Red Hat and GitHub offer further context and mitigation strategies. The record has been modified and updated several times since its initial publication.
Official resources
- CVE-2026-33231 CVE record (CVE.org)
- CVE-2026-33231 NVD detail (NVD)
- Source item URL: nvd_modified
- Mitigation or vendor reference: [email protected] - Patch
- Mitigation or vendor reference: [email protected] - Exploit, Vendor Advisory
- Source reference: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
This article was generated with AI assistance based on the supplied source corpus.