CVE-2026-40682 | Apache OpenNLP up to 2.5.8/3.0.0-M2 Dictionary Parser DictionaryEntryPersistor xml external entity reference

Inserito da Angelo Barbosa | Mag 1, 2026 | CVE

A vulnerability was found in Apache OpenNLP up to 2.5.8/3.0.0-M2 and classified as problematic. The affected element is the function DictionaryEntryPersistor of the component Dictionary Parser. Executing a manipulation can lead to xml external entity reference.

The identification of this vulnerability is CVE-2026-40682. The attack may be launched remotely. There is no exploit available.

It is suggested to upgrade the affected component.

CVE-2026-40682 | Apache OpenNLP up to 2.5.8/3.0.0-M2 Dictionary Parser DictionaryEntryPersistor xml external entity reference

Post correlati

CVE-2025-61168 | SIGB PMB 8.0.1.14 cms_rest.php deserialization

CVE-2024-56810 | IBM EntireX 11.1 information exposure

CVE-2024-49819 | IBM Security Guardium Key Lifecycle Manager 4.1/4.1.1/4.2.0/4.2.1 cleartext transmission

CVE-2024-12579 | Minify HTML Plugin up to 2.1.10 on WordPress incorrect regex