Package impact
MAVEN / org.apache.opennlp:opennlp-tools
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-42027 | critical | 9.8 | 9.8 | 25d ago | Apache OpenNLP ExtensionLoader Vulnerable to Arbitrary Class Instantiation via Model Manifest | |||
| CVE-2026-40682 | critical | 9.1 | 9.1 | 25d ago | Apache OpenNLP DictionaryEntryPersistor Vulnerable to XML External Entity (XXE) via Unsanitized Dictionary Parsing | |||
| CVE-2026-42440 | high | 7.5 | 7.5 | 25d ago | Apache OpenNLP AbstractModelReader has an OOM Denial of Service via Unbounded Array Allocation |