seclists.org · May 1, 2026 06:10 PM UTC

oss-sec: CVE-2026-42027: Apache OpenNLP: Arbitrary Class Instantiation via Model Manifest in ExtensionLoader

oss-sec: CVE-2026-42027: Apache OpenNLP: Arbitrary Class Instantiation via Model Manifest in ExtensionLoader

Summary

Severity: moderate Affected versions: - Apache OpenNLP (org.apache.opennlp:opennlp-tools) before 2.5.9 - Apache OpenNLP (org.apache.opennlp:opennlp-tools) 3.0 b...

Original reporting

Open original source

AFBytes is a read-only aggregator. Use the original source for full context and complete reporting.

Related coverage