CVE-2026-12199
Received - Intake
Unauthenticated Remote Shutdown in NLTK WordNet Browser

Publication date: 2026-06-17

Last updated on: 2026-06-17

Assigner: huntr.dev

Description
A vulnerability in `nltk.app.wordnet_app` up to version 3.9.3 allows unauthenticated remote shutdown of the local WordNet Browser HTTP server when started in its default mode. The server listens on all interfaces and processes a specific unauthenticated GET request (`/SHUTDOWN%20THE%20SERVER`) to terminate the process immediately via `os._exit(0)`. This results in a denial of service, impacting service availability. The issue arises due to insufficient authentication and protection mechanisms for critical server functions.
Meta Information
Published: 2026-06-17
Last Modified: 2026-06-17
Generated: 2026-06-17
AI Q&A: 2026-06-17
EPSS Evaluated: N/A
Affected Vendors & Products
Vendor | Product | Version / Range
nltk | nltk_app | to 3.9.3 (inc)
CWE ID | Description
CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Executive Summary

This vulnerability affects `nltk.app.wordnet_app` up to version 3.9.3. It allows an unauthenticated remote attacker to shut down the local WordNet Browser HTTP server by sending a specific GET request (`/SHUTDOWN%20THE%20SERVER`). The server, which listens on all interfaces by default, processes this request and immediately terminates the process using `os._exit(0)`.

The root cause is insufficient authentication and protection mechanisms for critical server functions, allowing anyone to remotely cause a denial of service by shutting down the server.

Impact Analysis

The impact is a denial of service (DoS) on the WordNet Browser HTTP server. Because the server can be shut down remotely without authentication, any application or service that relies on it becomes unavailable until the process is restarted.

Detection Guidance

This vulnerability can be detected by monitoring network traffic for unauthenticated GET requests to the WordNet Browser HTTP server, specifically requests targeting the path '/SHUTDOWN%20THE%20SERVER'. Since the server listens on all interfaces, scanning for open HTTP ports where nltk.app.wordnet_app is running may help identify vulnerable instances.
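
The passive check described above, as an added example (not code from NLTK or from this advisory): a Python scan of access-log lines from a reverse proxy or network sensor for GET requests whose percent-decoded path is the shutdown path. It assumes common/combined log format and a case-sensitive match after decoding; the function names and log lines are constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import unquote

# Decoded form of /SHUTDOWN%20THE%20SERVER (path taken from the advisory).
SHUTDOWN_PATH = "/SHUTDOWN THE SERVER"

# Common/combined log format: client, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3}|-)'
)

def is_shutdown_request(method, target):
    """True if a GET targets the shutdown path, in any percent-encoding."""
    if method != "GET":
        return False
    path = target.split("?", 1)[0]  # ignore the query string (conservative)
    # Decode once, so %53HUTDOWN... matches but double-encoded %2520 does not.
    return unquote(path) == SHUTDOWN_PATH

def find_shutdown_requests(lines):
    """Return one record per shutdown request, marking non-loopback clients."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or not is_shutdown_request(m["method"], m["target"]):
            continue
        try:
            remote = not ipaddress.ip_address(m["client"]).is_loopback
        except ValueError:
            remote = True  # hostname instead of an IP: treat as non-local
        hits.append({"client": m["client"], "time": m["ts"],
                     "target": m["target"], "remote": remote})
    return hits

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '127.0.0.1 - - [17/Jun/2026:10:00:01 +0000] "GET /SHUTDOWN%20THE%20SERVER HTTP/1.1" 200 0',
    '192.0.2.10 - - [17/Jun/2026:10:02:13 +0000] "GET / HTTP/1.1" 200 512',
    '198.51.100.7 - - [17/Jun/2026:10:05:44 +0000] "GET /%53HUTDOWN%20THE%20SERVER HTTP/1.1" - 0',
    '192.0.2.10 - - [17/Jun/2026:10:06:00 +0000] "POST /SHUTDOWN%20THE%20SERVER HTTP/1.1" 501 0',
]

if __name__ == "__main__":
    for hit in find_shutdown_requests(SAMPLE_LOG):
        origin = "REMOTE" if hit["remote"] else "local"
        print(f'{hit["time"]} {origin} {hit["client"]} {hit["target"]}')
```

A hit from a non-loopback client followed by the server no longer answering is the pattern worth alerting on.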

An active check is to send the shutdown request with curl or wget and observe whether the server responds or terminates. Because a vulnerable server exits on this request, the check takes the service down when it succeeds:

  • curl -v "http://<target-ip>:<port>/SHUTDOWN%20THE%20SERVER"
  • wget --spider "http://<target-ip>:<port>/SHUTDOWN%20THE%20SERVER"

If the server process terminates or the connection is closed immediately, it indicates the vulnerability is present.

Mitigation Strategies

Immediate mitigation steps include restricting access to the WordNet Browser HTTP server by limiting network exposure, such as binding the server to localhost only or using firewall rules to block external access.

Additionally, avoid running the vulnerable version of nltk.app.wordnet_app (up to 3.9.3) in default mode where it listens on all interfaces without authentication.

If possible, update to a patched version of the software once available or implement authentication and access controls to prevent unauthenticated shutdown requests.

Compliance Impact

This vulnerability allows unauthenticated remote shutdown of the WordNet Browser HTTP server, resulting in denial of service and impacting service availability.

Since the vulnerability affects availability, it could potentially impact compliance with standards and regulations that require maintaining service availability, such as HIPAA and GDPR.

However, there is no direct information provided about data confidentiality or integrity being compromised, so the impact on compliance related to data protection requirements is unclear.
