Package impact
MAVEN / org.apache.opennlp:opennlp-tools
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-42027 | critical | 9.8 | 9.8 | 24d ago | Apache OpenNLP ExtensionLoader Vulnerable to Arbitrary Class Instantiation via Model Manifest | |
| CVE-2026-40682 | critical | 9.1 | 9.1 | 24d ago | Apache OpenNLP DictionaryEntryPersistor Vulnerable to XML External Entity (XXE) via Unsanitized Dictionary Parsing | |
| CVE-2026-42440 | high | 7.5 | 7.5 | 24d ago | Apache OpenNLP AbstractModelReader has an OOM Denial of Service via Unbounded Array Allocation |