Stanford CoreNlp is a set of open source, natural language analysis tools written in Java by the Stanford Nlp Group team in the U.S. A security vulnerability exists in Stanford Nlp Group, which stems from improper XML external entity reference restrictions. No details of the vulnerability are currently available.