CVE-2025-14009 | nltk nltk/downloader.py _unzip_iter code injection

19:22 - 18 Feb 2026

vuldb.com

A vulnerability described as critical has been identified in nltk. This impacts the function _unzip_iter of the file nltk/downloader.py. Such manipulation leads to code injection. This vulnerability is uniquely identified as CVE-2025-14009. The attack can be launched remotely. No exploit exists.

https://vuldb.com/?id.346653

Article info:

Full Article URL: https://vuldb.com/?id.346653
Textarea URL (this page):
https://textarea.nl/i/eNrLKCkpKLbS1y8rzUlJ0kvOz9W3z0zRMzYxMzM1BgCQTAj6_2026-02-18
Source: https://vuldb.com/?rss.recent
Vuldb: https://vuldb.com
Publication date: 2026-02-18 19:22:59
Last retrieval: 2026-02-18 20:46:21.197384