argilla-1.25.0-py3-none-any.whl: 8 vulnerabilities (highest severity is: 10.0) #15
Description
Vulnerable Library - argilla-1.25.0-py3-none-any.whl
Path to dependency file: /requirements.txt
Path to vulnerable library: /tmp/ws-ua_20260309120528_NCWYTV/python_KWDIRO/202603091205291/env/lib/python3.9/site-packages/pygments-2.19.2.dist-info
Found in HEAD commit: 09f51f74740b88648be208302ec569217b51a66f
Vulnerabilities
| Vulnerability | Severity |  CVSS |
Exploit Maturity | EPSS | Dependency | Type | Fixed in (argilla version) | Remediation Possible** | Reachability |
|---|---|---|---|---|---|---|---|---|---|
| CVE-2026-0848 |  Critical |
10.0 | Not Defined | 0.5% | nltk-3.9.2-py3-none-any.whl | Transitive | 1.26.0 | ✅ | |
| CVE-2025-14009 | Critical |
10.0 | Not Defined | 0.6% | nltk-3.9.2-py3-none-any.whl | Transitive | N/A* | ❌ | |
| CVE-2026-0847 |  High |
8.6 | Not Defined | 0.3% | nltk-3.9.2-py3-none-any.whl | Transitive | 1.26.0 | ✅ | |
| CVE-2026-0846 | High |
8.6 | Not Defined | 0.1% | nltk-3.9.2-py3-none-any.whl | Transitive | 1.26.0 | ✅ | |
| CVE-2026-33236 | High |
8.1 | Not Defined | 0.0% | nltk-3.9.2-py3-none-any.whl | Transitive | N/A* | ❌ | |
| CVE-2026-33231 | High |
7.5 | Not Defined | 0.1% | nltk-3.9.2-py3-none-any.whl | Transitive | N/A* | ❌ | |
| CVE-2026-33230 |  Medium |
6.1 | Not Defined | 0.0% | nltk-3.9.2-py3-none-any.whl | Transitive | N/A* | ❌ | |
| CVE-2026-4539 |  Low |
3.3 | Proof of concept | 0.0% | pygments-2.19.2-py3-none-any.whl | Transitive | N/A* | ❌ |
*For some transitive vulnerabilities, there is no version of direct dependency with a fix. Check the "Details" section below to see if there is a version of transitive dependency where vulnerability is fixed.
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Details
CVE-2026-0848
Vulnerable Library - nltk-3.9.2-py3-none-any.whl
Natural Language Toolkit
Library home page: https://files.pythonhosted.org/packages/60/90/81ac364ef94209c100e12579629dc92bf7a709a84af32f8c551b02c07e94/nltk-3.9.2-py3-none-any.whl
Path to dependency file: /requirements.txt
Path to vulnerable library: /tmp/ws-ua_20260309120528_NCWYTV/python_KWDIRO/202603091205291/env/lib/python3.9/site-packages/nltk-3.9.2.dist-info
Dependency Hierarchy:
- argilla-1.25.0-py3-none-any.whl (Root Library)
- ❌ nltk-3.9.2-py3-none-any.whl (Vulnerable Library)
Found in HEAD commit: 09f51f74740b88648be208302ec569217b51a66f
Found in base branch: main
Vulnerability Details
NLTK versions <=3.9.2 are vulnerable to arbitrary code execution due to improper input validation in the StanfordSegmenter module. The module dynamically loads external Java .jar files without verification or sandboxing. An attacker can supply or replace the JAR file, enabling the execution of arbitrary Java bytecode at import time. This vulnerability can be exploited through methods such as model poisoning, MITM attacks, or dependency poisoning, leading to remote code execution. The issue arises from the direct execution of the JAR file via subprocess with unvalidated classpath input, allowing malicious classes to execute when loaded by the JVM.
Publish Date: 2026-03-05
URL: CVE-2026-0848
Threat Assessment
Exploit Maturity: Not Defined
EPSS: 0.5%
CVSS 3 Score Details (10.0)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Changed
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://huntr.com/bounties/08b109bb-ac24-403f-9422-1c246ce60202
Release Date: 2026-03-05
Fix Resolution (nltk): 3.9.3
Direct dependency fix Resolution (argilla): 1.26.0
In order to enable automatic remediation, please create workflow rules
CVE-2025-14009
Vulnerable Library - nltk-3.9.2-py3-none-any.whl
Natural Language Toolkit
Library home page: https://files.pythonhosted.org/packages/60/90/81ac364ef94209c100e12579629dc92bf7a709a84af32f8c551b02c07e94/nltk-3.9.2-py3-none-any.whl
Path to dependency file: /requirements.txt
Path to vulnerable library: /tmp/ws-ua_20260309120528_NCWYTV/python_KWDIRO/202603091205291/env/lib/python3.9/site-packages/nltk-3.9.2.dist-info
Dependency Hierarchy:
- argilla-1.25.0-py3-none-any.whl (Root Library)
- ❌ nltk-3.9.2-py3-none-any.whl (Vulnerable Library)
Found in HEAD commit: 09f51f74740b88648be208302ec569217b51a66f
Found in base branch: main
Vulnerability Details
A critical vulnerability exists in the NLTK downloader component of nltk/nltk, affecting all versions. The _unzip_iter function in nltk/downloader.py uses zipfile.extractall() without performing path validation or security checks. This allows attackers to craft malicious zip packages that, when downloaded and extracted by NLTK, can execute arbitrary code. The vulnerability arises because NLTK assumes all downloaded packages are trusted and extracts them without validation. If a malicious package contains Python files, such as init.py, these files are executed automatically upon import, leading to remote code execution. This issue can result in full system compromise, including file system access, network access, and potential persistence mechanisms.
Mend Note: The description of this vulnerability differs from MITRE.
Publish Date: 2026-02-18
URL: CVE-2025-14009
Threat Assessment
Exploit Maturity: Not Defined
EPSS: 0.6%
CVSS 3 Score Details (10.0)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Changed
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: GHSA-7p94-766c-hgjp
Release Date: 2026-02-18
Fix Resolution: nltk - 3.9.3
CVE-2026-0847
Vulnerable Library - nltk-3.9.2-py3-none-any.whl
Natural Language Toolkit
Library home page: https://files.pythonhosted.org/packages/60/90/81ac364ef94209c100e12579629dc92bf7a709a84af32f8c551b02c07e94/nltk-3.9.2-py3-none-any.whl
Path to dependency file: /requirements.txt
Path to vulnerable library: /tmp/ws-ua_20260309120528_NCWYTV/python_KWDIRO/202603091205291/env/lib/python3.9/site-packages/nltk-3.9.2.dist-info
Dependency Hierarchy:
- argilla-1.25.0-py3-none-any.whl (Root Library)
- ❌ nltk-3.9.2-py3-none-any.whl (Vulnerable Library)
Found in HEAD commit: 09f51f74740b88648be208302ec569217b51a66f
Found in base branch: main
Vulnerability Details
A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in multiple CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReader. These classes fail to properly sanitize or validate file paths, enabling attackers to traverse directories and access sensitive files on the server. This issue is particularly critical in scenarios where user-controlled file inputs are processed, such as in machine learning APIs, chatbots, or NLP pipelines. Exploitation of this vulnerability can lead to unauthorized access to sensitive files, including system files, SSH private keys, and API tokens, and may potentially escalate to remote code execution when combined with other vulnerabilities.
Publish Date: 2026-03-04
URL: CVE-2026-0847
Threat Assessment
Exploit Maturity: Not Defined
EPSS: 0.3%
CVSS 3 Score Details (8.6)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: Low
- Availability Impact: Low
Suggested Fix
Type: Upgrade version
Release Date: 2026-03-04
Fix Resolution (nltk): 3.9.3
Direct dependency fix Resolution (argilla): 1.26.0
In order to enable automatic remediation, please create workflow rules
CVE-2026-0846
Vulnerable Library - nltk-3.9.2-py3-none-any.whl
Natural Language Toolkit
Library home page: https://files.pythonhosted.org/packages/60/90/81ac364ef94209c100e12579629dc92bf7a709a84af32f8c551b02c07e94/nltk-3.9.2-py3-none-any.whl
Path to dependency file: /requirements.txt
Path to vulnerable library: /tmp/ws-ua_20260309120528_NCWYTV/python_KWDIRO/202603091205291/env/lib/python3.9/site-packages/nltk-3.9.2.dist-info
Dependency Hierarchy:
- argilla-1.25.0-py3-none-any.whl (Root Library)
- ❌ nltk-3.9.2-py3-none-any.whl (Vulnerable Library)
Found in HEAD commit: 09f51f74740b88648be208302ec569217b51a66f
Found in base branch: main
Vulnerability Details
A vulnerability in the "filestring()" function of the "nltk.util" module in nltk version 3.9.2 allows arbitrary file read due to improper validation of input paths. The function directly opens files specified by user input without sanitization, enabling attackers to access sensitive system files by providing absolute paths or traversal paths. This vulnerability can be exploited locally or remotely, particularly in scenarios where the function is used in web APIs or other interfaces that accept user-supplied input.
Publish Date: 2026-03-09
URL: CVE-2026-0846
Threat Assessment
Exploit Maturity: Not Defined
EPSS: 0.1%
CVSS 3 Score Details (8.6)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: Low
- Availability Impact: Low
Suggested Fix
Type: Upgrade version
Release Date: 2026-03-09
Fix Resolution (nltk): 3.9.3
Direct dependency fix Resolution (argilla): 1.26.0
In order to enable automatic remediation, please create workflow rules
CVE-2026-33236
Vulnerable Library - nltk-3.9.2-py3-none-any.whl
Natural Language Toolkit
Library home page: https://files.pythonhosted.org/packages/60/90/81ac364ef94209c100e12579629dc92bf7a709a84af32f8c551b02c07e94/nltk-3.9.2-py3-none-any.whl
Path to dependency file: /requirements.txt
Path to vulnerable library: /tmp/ws-ua_20260309120528_NCWYTV/python_KWDIRO/202603091205291/env/lib/python3.9/site-packages/nltk-3.9.2.dist-info
Dependency Hierarchy:
- argilla-1.25.0-py3-none-any.whl (Root Library)
- ❌ nltk-3.9.2-py3-none-any.whl (Vulnerable Library)
Found in HEAD commit: 09f51f74740b88648be208302ec569217b51a66f
Found in base branch: main
Vulnerability Details
NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. In versions 3.9.3 and prior, the NLTK downloader does not validate the "subdir" and "id" attributes when processing remote XML index files. Attackers can control a remote XML index server to provide malicious values containing path traversal sequences (such as "../"), which can lead to arbitrary directory creation, arbitrary file creation, and arbitrary file overwrite. Commit 89fe2ec2c6bae6e2e7a46dad65cc34231976ed8a patches the issue.
Publish Date: 2026-03-20
URL: CVE-2026-33236
Threat Assessment
Exploit Maturity: Not Defined
EPSS: 0.0%
CVSS 3 Score Details (8.1)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: High
- Availability Impact: High
CVE-2026-33231
Vulnerable Library - nltk-3.9.2-py3-none-any.whl
Natural Language Toolkit
Library home page: https://files.pythonhosted.org/packages/60/90/81ac364ef94209c100e12579629dc92bf7a709a84af32f8c551b02c07e94/nltk-3.9.2-py3-none-any.whl
Path to dependency file: /requirements.txt
Path to vulnerable library: /tmp/ws-ua_20260309120528_NCWYTV/python_KWDIRO/202603091205291/env/lib/python3.9/site-packages/nltk-3.9.2.dist-info
Dependency Hierarchy:
- argilla-1.25.0-py3-none-any.whl (Root Library)
- ❌ nltk-3.9.2-py3-none-any.whl (Vulnerable Library)
Found in HEAD commit: 09f51f74740b88648be208302ec569217b51a66f
Found in base branch: main
Vulnerability Details
NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. In versions 3.9.3 and prior, "nltk.app.wordnet_app" allows unauthenticated remote shutdown of the local WordNet Browser HTTP server when it is started in its default mode. A simple "GET /SHUTDOWN%20THE%20SERVER" request causes the process to terminate immediately via "os._exit(0)", resulting in a denial of service. Commit bbaae83db86a0f49e00f5b0db44a7254c268de9b patches the issue.
Publish Date: 2026-03-20
URL: CVE-2026-33231
Threat Assessment
Exploit Maturity: Not Defined
EPSS: 0.1%
CVSS 3 Score Details (7.5)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: High
CVE-2026-33230
Vulnerable Library - nltk-3.9.2-py3-none-any.whl
Natural Language Toolkit
Library home page: https://files.pythonhosted.org/packages/60/90/81ac364ef94209c100e12579629dc92bf7a709a84af32f8c551b02c07e94/nltk-3.9.2-py3-none-any.whl
Path to dependency file: /requirements.txt
Path to vulnerable library: /tmp/ws-ua_20260309120528_NCWYTV/python_KWDIRO/202603091205291/env/lib/python3.9/site-packages/nltk-3.9.2.dist-info
Dependency Hierarchy:
- argilla-1.25.0-py3-none-any.whl (Root Library)
- ❌ nltk-3.9.2-py3-none-any.whl (Vulnerable Library)
Found in HEAD commit: 09f51f74740b88648be208302ec569217b51a66f
Found in base branch: main
Vulnerability Details
NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. In versions 3.9.3 and prior, "nltk.app.wordnet_app" contains a reflected cross-site scripting issue in the "lookup_..." route. A crafted "lookup_" URL can inject arbitrary HTML/JavaScript into the response page because attacker-controlled "word" data is reflected into HTML without escaping. This impacts users running the local WordNet Browser server and can lead to script execution in the browser origin of that application. Commit 1c3f799607eeb088cab2491dcf806ae83c29ad8f fixes the issue.
Publish Date: 2026-03-20
URL: CVE-2026-33230
Threat Assessment
Exploit Maturity: Not Defined
EPSS: 0.0%
CVSS 3 Score Details (6.1)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Changed
- Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: Low
- Availability Impact: None
Suggested Fix
Type: Upgrade version
Origin: GHSA-gfwx-w7gr-fvh7
Release Date: 2026-03-20
Fix Resolution: nltk - 3.9.4
CVE-2026-4539
Vulnerable Library - pygments-2.19.2-py3-none-any.whl
Pygments is a syntax highlighting package written in Python.
Library home page: https://files.pythonhosted.org/packages/c7/21/705964c7812476f378728bdf590ca4b771ec72385c533964653c68e86bdc/pygments-2.19.2-py3-none-any.whl
Path to dependency file: /requirements.txt
Path to vulnerable library: /tmp/ws-ua_20260309120528_NCWYTV/python_KWDIRO/202603091205291/env/lib/python3.9/site-packages/pygments-2.19.2.dist-info
Dependency Hierarchy:
- argilla-1.25.0-py3-none-any.whl (Root Library)
- rich-14.3.3-py3-none-any.whl
- ❌ pygments-2.19.2-py3-none-any.whl (Vulnerable Library)
- rich-14.3.3-py3-none-any.whl
Found in HEAD commit: 09f51f74740b88648be208302ec569217b51a66f
Found in base branch: main
Vulnerability Details
A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file pygments/lexers/archetype.py. The manipulation results in inefficient regular expression complexity. The attack is only possible with local access. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.
Publish Date: 2026-03-22
URL: CVE-2026-4539
Threat Assessment
Exploit Maturity: Proof of concept
EPSS: 0.0%
CVSS 3 Score Details (3.3)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: Low
In order to enable automatic remediation for this issue, please create workflow rules