Description

SGLang's reranking endpoint (/v1/rerank) achieves Remote Code Execution (RCE) when a model file containing a malcious tokenizer.chat_template is loaded, as the Jinja2 chat templates are rendered using an unsandboxed jinja2.Environment().

INFO

Published Date :

2026-04-20T13:46:23.603Z

Last Modified :

2026-04-20T15:29:54.098Z

Source :

certcc
AFFECTED PRODUCTS

The following products are affected by CVE-2026-5760 vulnerability.

Vendors Products
Sglang
  • Sglang
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-5760.

URL Resource
https://github.com/Stuub/SGLang-0.5.9-RCE cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System