CVE-2026-5760

UNKNOWN NVD

CVSS Score 0

Severity UNKNOWN

Published Apr 20, 2026

Vendor unknown

Description

SGLang's reranking endpoint (/v1/rerank) achieves Remote Code Execution (RCE) when a model file containing a malcious tokenizer.chat_template is loaded, as the Jinja2 chat templates are rendered using an unsandboxed jinja2.Environment().

References

https://github.com/Stuub/SGLang-0.5.9-RCE