| Bug | bullseye | bookworm | trixie | forky | sid | Description |
|---|
| CVE-2026-42440 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | OOM Denial of Service via Unbounded Array Allocation in Apache OpenNLP ... |
| CVE-2026-42027 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Arbitrary Class Instantiation via Model Manifest in Apache OpenNLP Ext ... |
| CVE-2026-40682 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | XML External Entity (XXE) via Unsanitized Dictionary Parsing in Apache ... |