Known Vulnerabilities for products from Stanford
Listed below are 9 of the newest known vulnerabilities associated with the vendor "Stanford".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-54499 json | Stanza is a Stanford NLP Python library for tokenization, sentence segmentation, NER, and parsing of many human languages. Pr... | Not Provided | 2026-07-08 | 2026-07-13 |
| CVE-2026-12252 json | Not Provided | 2026-07-04 | 2026-07-06 | |
| CVE-2023-39020 json | stanford-parser v3.9.2 and below was discovered to contain a code injection vulnerability in the component edu.stanford.nlp.i... | 9.8 - CRITICAL | 2023-07-28 | 2023-08-03 |
| CVE-2022-0239 json | corenlp is vulnerable to Improper Restriction of XML External Entity Reference | Not Provided | 2022-01-17 | 2026-04-16 |
| CVE-2022-0198 json | corenlp is vulnerable to Improper Restriction of XML External Entity Reference | 7.1 - HIGH | 2022-01-13 | 2022-01-19 |
| CVE-2021-44550 json | An Incorrect Access Control vulnerability exists in CoreNLP 4.3.2 via the classifier in NERServlet.java (lines 158 and 159). | 9.8 - CRITICAL | 2022-02-24 | 2022-07-12 |
| CVE-2021-3878 json | corenlp is vulnerable to Improper Restriction of XML External Entity Reference | 9.8 - CRITICAL | 2021-10-15 | 2021-10-20 |
| CVE-2021-3869 json | corenlp is vulnerable to Improper Restriction of XML External Entity Reference | 7.5 - HIGH | 2021-10-19 | 2021-10-21 |
| CVE-2013-2106 json | webauth before 4.6.1 has authentication credential disclosure | 7.5 - HIGH | 2019-12-03 | 2019-12-10 |
| CVE-2009-2945 json | weblogin/login.fcgi (aka the WebLogin login script) in Stanford University WebAuth 3.5.5, 3.6.0, and 3.6.1 places passwords i... | Not Provided | 2009-09-15 | 2026-04-23 |