https://vulnerability.circl.lu/sightings/feed 2026-06-30T19:13:54.108284+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/a43e4b8a-d024-440d-a94b-eacc92291b3e/export 2026-06-30T19:13:54.128744+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "a43e4b8a-d024-440d-a94b-eacc92291b3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12243", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mphvan63hs2t", "content": "CVE-2026-12243 - Path Traversal via Percent-Encoding in nltk.data.find() and nltk.data.load()\nCVE ID : CVE-2026-12243\n \n Published : June 30, 2026, 12:14 a.m. | 1\u00a0hour, 31\u00a0minutes ago\n \n Description : NLTK version 3.9.4 is vulnerable to a path traversal attack due to an incomp...", "creation_timestamp": "2026-06-30T01:50:38.568333Z"} 2026-06-30T01:50:38.568333+00:00 https://vulnerability.circl.lu/sighting/4ae01c5a-afb9-41ec-b14c-43b5ad5a238b/export 2026-06-30T19:13:54.131395+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "4ae01c5a-afb9-41ec-b14c-43b5ad5a238b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12243", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mphut4okqz22", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-12243 \u0432 NLTK 3.9.4: \u0443\u0433\u0440\u043e\u0437\u0430 path traversal \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/D8109989-D984-4F37-B7BF-7B36809D1F96", "creation_timestamp": "2026-06-30T01:43:05.220815Z"} 2026-06-30T01:43:05.220815+00:00 https://vulnerability.circl.lu/sighting/fc3c78df-4b5b-484b-a24f-2de8047efe60/export 2026-06-30T19:13:54.131588+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "fc3c78df-4b5b-484b-a24f-2de8047efe60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-12243", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116836468435158836", "content": "CVE-2026-12243: NLTK 3.9.4 suffers from a HIGH severity path traversal bug \u2014 percent-encoded sequences like ..%2f bypass directory checks, allowing arbitrary file reads in NLP apps/Jupyter/CLI. Audit usages & restrict resource loading. https://radar.offseq.com/threat/cve-2026-12243-cwe-22-improper-limitation-of-a-pat-3eae11979fc43a41 #OffSeq #NLTK #Python", "creation_timestamp": "2026-06-30T01:30:32.997816Z"} 2026-06-30T01:30:32.997816+00:00 https://vulnerability.circl.lu/sighting/5a5b1483-d6f7-4538-959a-b9759fe03f79/export 2026-06-30T19:13:54.131700+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "5a5b1483-d6f7-4538-959a-b9759fe03f79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-12243", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mphu4lougb2t", "content": "NLTK 3.9.4 has a HIGH severity path traversal flaw \u2014 percent-encoded payloads can read files via nltk.data.load(). Affects web/NLP apps & Jupyter. Review usage and restrict resource input. https://radar.offseq.com/threat/cve-2026-12243-cwe-22-improper-limitation-of-a-pat-3eae11979fc43a41 #OffSeq ...", "creation_timestamp": "2026-06-30T01:30:29.868277Z"} 2026-06-30T01:30:29.868277+00:00