CVE-2026-33236
Published: 20 March 2026
Summary
CVE-2026-33236 is a high-severity path traversal (CWE-22) vulnerability in NLTK (Natural Language Toolkit). Its CVSS base score is 8.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Ingress Tool Transfer (T1105). It is ranked at the 5.4th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): Requires timely identification, reporting, and patching of flaws like the path traversal in the NLTK downloader, directly enabling deployment of the fix in commit 89fe2ec2c6bae6e2e7a46dad65cc34231976ed8a.
- SI-10 (Information Input Validation): Mandates validation of information inputs from remote sources, such as the `subdir` and `id` attributes in XML index files, to block path traversal sequences like `../` that lead to arbitrary file operations.
- CM-11 (User-Installed Software): Controls and monitors user-installed software like NLTK, ensuring only authorized and patched versions are deployed, to mitigate exploitation via vulnerable downloader components.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Path traversal in the NLTK downloader enables arbitrary file creation or overwrite from an attacker-controlled index, which maps directly to ingress of arbitrary content (Ingress Tool Transfer, T1105) and to Stored Data Manipulation via overwrites (T1565.001).
NVD Description
NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. In versions 3.9.3 and prior, the NLTK downloader does not validate the `subdir` and `id` attributes when processing remote XML index files. Attackers can control a remote XML index server to provide malicious values containing path traversal sequences (such as `../`), which can lead to arbitrary directory creation, arbitrary file creation, and arbitrary file overwrite. Commit 89fe2ec2c6bae6e2e7a46dad65cc34231976ed8a patches the issue.
Deeper analysis
CVE-2026-33236 is a path traversal vulnerability (CWE-22) in the NLTK downloader component of the Natural Language Toolkit (NLTK), an open-source Python suite of modules, datasets, and tutorials for natural language processing research and development. In versions 3.9.3 and prior, the downloader does not validate the `subdir` and `id` attributes when processing remote XML index files, enabling attackers to inject path traversal sequences such as `../`.
An attacker who controls a remote XML index server that a victim's downloader fetches from can supply malicious attribute values, resulting in arbitrary directory creation, arbitrary file creation, and arbitrary file overwrite on the victim's filesystem. Exploitation requires network access, low attack complexity, no privileges, and user interaction (such as invoking the NLTK downloader against the attacker's server); the CVSS v3.1 base score is 8.1 (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H).
The vulnerability is addressed by commit 89fe2ec2c6bae6e2e7a46dad65cc34231976ed8a in the NLTK repository. Security advisories recommend updating to a patched version of NLTK and avoiding untrusted remote index servers; details are provided in the GitHub security advisory GHSA-469j-vmhf-r6v7.
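The NVD description and the analysis above both come down to one missing check: `subdir` and `id` from a remote index are used as path components without validation. The following is an added example written for this page; it is not NLTK's downloader code and not the fix from commit 89fe2ec2c6bae6e2e7a46dad65cc34231976ed8a. It parses a constructed index (loosely modelled on the downloader's `<package id=... subdir=.../>` layout), shows how an unchecked join lets the resolved path leave the download directory, and then applies the two defensive layers SI-10 calls for: a per-component allow-list (the regex policy and the single-component assumption are mine) and a containment check on the resolved path. The download directory `/opt/nltk_data` is a placeholder.

```python
import os
import re
import xml.etree.ElementTree as ET

# Constructed sample index (not a real NLTK index). The second and third entries
# carry traversal sequences in the id and subdir attributes respectively.
SAMPLE_INDEX = """<?xml version="1.0"?>
<nltk_data>
  <packages>
    <package id="punkt" subdir="tokenizers" name="Punkt Tokenizer Models"/>
    <package id="../../evil" subdir="../.." name="Traversal in id and subdir"/>
    <package id="good_pkg" subdir="corpora/../../outside" name="Traversal in subdir"/>
  </packages>
</nltk_data>
"""

# Policy (assumption): one path component made of letters, digits, "_", "-", ".",
# starting with a letter, digit or underscore, so "." and ".." never match.
SAFE_COMPONENT = re.compile(r"^[A-Za-z0-9_][A-Za-z0-9_.-]*$")


def is_safe_component(value: str) -> bool:
    """Accept only a single, non-traversing path component."""
    if not value or value in (".", ".."):
        return False
    if "/" in value or "\\" in value or "\x00" in value:
        return False
    return bool(SAFE_COMPONENT.match(value))


def naive_target(download_dir: str, subdir: str, id_: str) -> str:
    """The unchecked join: attacker-controlled attributes go straight into the path."""
    return os.path.normpath(os.path.join(download_dir, subdir, id_))


def is_contained(base: str, target: str) -> bool:
    """True when target (after resolution) is base itself or lies beneath it."""
    base = os.path.realpath(base)
    target = os.path.realpath(target)
    return os.path.commonpath([base, target]) == base


def resolve_target(download_dir: str, subdir: str, id_: str) -> str:
    """Compute the package target path, rejecting anything that could escape download_dir."""
    # Layer 1: reject values that are not a single safe component.
    if not (is_safe_component(subdir) and is_safe_component(id_)):
        raise ValueError(f"rejected index attribute: subdir={subdir!r} id={id_!r}")
    target = os.path.join(download_dir, subdir, id_)
    # Layer 2: the resolved path must stay inside the download directory.
    if not is_contained(download_dir, target):
        raise ValueError(f"target escapes download dir: {target}")
    return os.path.realpath(target)


def vet_index(xml_text: str, download_dir: str) -> dict:
    """Parse an index and classify each package as accepted (with its target) or rejected (with reason)."""
    root = ET.fromstring(xml_text)
    accepted, rejected = {}, {}
    for pkg in root.iter("package"):
        pid = pkg.get("id", "")
        subdir = pkg.get("subdir", "")
        try:
            accepted[pid] = resolve_target(download_dir, subdir, pid)
        except ValueError as exc:
            rejected[pid] = str(exc)
    return {"accepted": accepted, "rejected": rejected}


if __name__ == "__main__":
    base = "/opt/nltk_data"  # placeholder download directory
    for pid, sub in (("punkt", "tokenizers"), ("../../evil", "../..")):
        t = naive_target(base, sub, pid)
        print(f"naive join -> {t}  contained={is_contained(base, t)}")
    print(vet_index(SAMPLE_INDEX, base))
```

The containment check is the layer that matters even if the allow-list is later loosened to permit nested subdirectories: whatever the component policy, a target whose real path is not under the download directory is never written. Detection-wise, the same `is_contained` test applied to paths an index would produce is a cheap way to audit an index mirror before pointing a downloader at it.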
Details
- CWE(s)