CVE-2026-40682 | Apache OpenNLP up to 2.5.8/3.0.0-M2 Dictionary Parser DictionaryEntryPersistor xml external entity reference

Inserito da Angelo Barbosa | Mag 1, 2026 | CVE

A vulnerability was found in Apache OpenNLP up to 2.5.8/3.0.0-M2 and classified as problematic. The affected element is the function DictionaryEntryPersistor of the component Dictionary Parser. Executing a manipulation can lead to xml external entity reference.

The identification of this vulnerability is CVE-2026-40682. The attack may be launched remotely. There is no exploit available.

It is suggested to upgrade the affected component.

CVE-2026-40682 | Apache OpenNLP up to 2.5.8/3.0.0-M2 Dictionary Parser DictionaryEntryPersistor xml external entity reference

Post correlati

CVE-2025-0490 | Fanli2012 native-php-cms 1.0 article_dodel.php id sql injection

CVE-2022-4975 | Red Hat Advanced Cluster Security Portal /main/configmanagement/ cross site scripting

CVE-2024-5916 | Palo Alto PAN-OS/Cloud NGFW/Prisma Access cleartext storage in a file or on disk

CVE-2024-28780 | IBM Cognos Controller/Controller risky encryption