VYPR
Vendor

Stanford

Products
4
CVEs
5
Across products
5
Status
Private

Products

4

Recent CVEs

5
  • CVE-2022-0239CriJan 17, 2022
    risk 0.57cvss 9.8epss 0.01

    corenlp is vulnerable to Improper Restriction of XML External Entity Reference

  • CVE-2026-54499higJun 19, 2026
    risk 0.38cvss epss

    ### Summary Stanza 1.12.0 attempts to safely load PyTorch checkpoint files using `torch.load(..., weights_only=True)`, but automatically falls back to the fully unsafe `torch.load(..., weights_only=False)` when the safe load raises `pickle.UnpicklingError`. Because the…

  • CVE-2025-12695MedNov 4, 2025
    risk 0.38cvss 5.9epss 0.00

    The overly permissive sandbox configuration in DSPy allows attackers to steal sensitive files in cases when users build an AI agent which consumes user input and uses the “PythonInterpreter” class.

  • CVE-2013-2106Dec 3, 2019
    risk 0.00cvss epss 0.02

    webauth before 4.6.1 has authentication credential disclosure

  • CVE-2009-2945Sep 15, 2009
    risk 0.00cvss epss 0.01

    weblogin/login.fcgi (aka the WebLogin login script) in Stanford University WebAuth 3.5.5, 3.6.0, and 3.6.1 places passwords in URLs in certain circumstances involving conversion of a POST request to a GET request, which allows context-dependent attackers to discover passwords by…