Security News

Cybersecurity news aggregator

HIGH Vulnerabilities Ubuntu Security

USN-8214-1: NLTK vulnerability

A critical vulnerability (CVE-2025-14009, CVSS 10.0) in the Natural Language Toolkit (NLTK) allows arbitrary code execution via a maliciously crafted zip file, which can cause file creation or overwrite during extraction. The flaw affects NLTK versions prior to 3.9.3. The fix requires upgrading to NLTK version 3.9.3.

Ubuntu Security Notices: USN-8214-1

Publication date: 28 April 2026

Overview

NLTK could be made to crash or run programs as your login if it opened a specially crafted zip file.

Releases

26.04 LTS, 24.04 LTS, 22.04 LTS, 20.04 LTS, 18.04 LTS, 16.04 LTS, 14.04 LTS

Packages

nltk - Natural Language Toolkit

Details

It was discovered that NLTK incorrectly handled file extraction when opening a maliciously crafted zip file. An attacker could possibly use this issue to create or overwrite files on the system and execute arbitrary code.

Update instructions

In general, a standard system update will make all the necessary changes. The problem can be corrected by updating your system to the following package versions:

Ubuntu Release: Package Version

26.04 LTS (resolute): python3-nltk – 3.9.2-1ubuntu0.1~esm1 (Ubuntu Pro)
24.04 LTS (noble): python3-nltk – 3.8.1-1ubuntu0.1~esm1 (Ubuntu Pro)
22.04 LTS (jammy): python3-nltk – 3.7-1ubuntu0.1~esm1 (Ubuntu Pro)
20.04 LTS (focal): python3-nltk – 3.4.5-2ubuntu0.1~esm3 (Ubuntu Pro)
18.04 LTS (bionic): python-nltk – 3.2.5-1ubuntu0.1+esm3 (Ubuntu Pro)
18.04 LTS (bionic): python3-nltk – 3.2.5-1ubuntu0.1+esm3 (Ubuntu Pro)
16.04 LTS (xenial): python-nltk – 3.1-1ubuntu0.1+esm3 (Ubuntu Pro)
16.04 LTS (xenial): python3-nltk – 3.1-1ubuntu0.1+esm3 (Ubuntu Pro)
14.04 LTS (trusty): python-nltk – 2.0~b9-0ubuntu4.1~esm5 (Ubuntu Pro)

For 26.04 LTS through 16.04 LTS: Fix available with Ubuntu Pro via ESM Apps. A community fix might become publicly available in the future.
For 14.04 LTS: Fix available with Ubuntu Pro via Legacy Support add-on.

References

CVE-2025-14009
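
The notice does not describe the extraction flaw in detail. The following is an added example, not code from NLTK or Ubuntu: a generic pre-extraction check for untrusted zip archives that refuses any archive whose members could create or overwrite files outside the destination. It assumes the unsafe cases are absolute paths, `..` traversal and symbolic-link entries; the function names and the sample archive are hypothetical and constructed for illustration.

```python
import io
import os
import stat
import zipfile


class UnsafeArchiveError(Exception):
    """Raised when a zip member must not be extracted (hypothetical name)."""


def unsafe_members(zf, dest_dir):
    """Return (member name, reason) for entries that would leave dest_dir."""
    root = os.path.realpath(dest_dir)
    problems = []
    for info in zf.infolist():
        # Treat backslashes as separators so Windows-style names are checked too.
        name = info.filename.replace("\\", "/")
        mode = info.external_attr >> 16  # Unix mode bits, when recorded
        target = os.path.realpath(os.path.join(root, name))
        if os.path.isabs(name):
            problems.append((info.filename, "absolute path"))
        elif os.path.commonpath([root, target]) != root:
            problems.append((info.filename, "escapes destination"))
        elif stat.S_ISLNK(mode):
            problems.append((info.filename, "symbolic link"))
    return problems


def safe_extract(archive, dest_dir):
    """Extract only when every member is safe; otherwise refuse the whole archive."""
    with zipfile.ZipFile(archive) as zf:
        problems = unsafe_members(zf, dest_dir)
        if problems:
            raise UnsafeArchiveError(problems)
        zf.extractall(dest_dir)
    return sorted(os.listdir(dest_dir))


def build_sample_archive():
    """Constructed sample input: one benign member and three unsafe ones."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("corpora/sample/words.txt", "hello\n")
        zf.writestr("../../outside.txt", "x")
        zf.writestr("/tmp/absolute.txt", "x")
        link = zipfile.ZipInfo("corpora/sample/link")
        link.external_attr = (stat.S_IFLNK | 0o777) << 16
        zf.writestr(link, "../../elsewhere")
    buf.seek(0)
    return buf
```

Rejecting the whole archive, rather than skipping the bad members, keeps a partially hostile download from being installed at all.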
