pkg:Maven/org.apache.opennlp:opennlp-tools

4 total CVEsCRITICAL3HIGH1

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2026-42027Apache OpenNLP ExtensionLoader Vulnerable to Arbitrary Class Instantiation via Model Manifest
    from 0, < 2.5.9
  • CRITICAL9.8CVE-2017-12620Improper Restriction of XML External Entity Reference in Apache OpenNLP
    >= 1.5.0, < 1.8.2
  • CRITICAL9.1CVE-2026-40682Apache OpenNLP DictionaryEntryPersistor Vulnerable to XML External Entity (XXE) via Unsanitized Dictionary Parsing
    from 0, < 2.5.9
  • HIGH7.5CVE-2026-42440Apache OpenNLP AbstractModelReader has an OOM Denial of Service via Unbounded Array Allocation
    from 0, < 2.5.9