CVE-2026-7669

🗓️ 02 May 2026 22:00:19Reported by VulDBType

CVE-2026-7669 affects SGLang up to 0.5.9; get_tokenizer deserialization enables remote code execution.

Reporter	Title	Published	Views	Family All 13
ATTACKERKB	CVE-2026-7669	2 May 202622:00	–	attackerkb
Circl	CVE-2026-7669	4 May 202601:00	–	circl
CNNVD	sglang 注入漏洞	2 May 202600:00	–	cnnvd
Cvelist	CVE-2026-7669 sgl-project SGLang HuggingFace Transformer hf_transformers_utils.py get_tokenizer code injection	2 May 202622:00	–	cvelist
EUVD	EUVD-2026-26802	2 May 202622:00	–	euvd
Github Security Blog	SGLang has an Improper Input Validation/Injection Issue	3 May 202600:31	–	github
NVD	CVE-2026-7669	2 May 202622:16	–	nvd
OSV	GHSA-6M5F-673F-5VH7 SGLang has an Improper Input Validation/Injection Issue	3 May 202600:31	–	osv
Positive Technologies	PT-2026-36639	2 May 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-7669	5 May 202602:20	–	redhatcve

Vulners

Node

sgl-project sglangMatch0.5.0

sgl-project sglangMatch0.5.1

sgl-project sglangMatch0.5.2

sgl-project sglangMatch0.5.3

sgl-project sglangMatch0.5.4

sgl-project sglangMatch0.5.5

sgl-project sglangMatch0.5.6

sgl-project sglangMatch0.5.7

sgl-project sglangMatch0.5.8

sgl-project sglangMatch0.5.9

[
  {
    "vendor": "sgl-project",
    "product": "SGLang",
    "versions": [
      {
        "version": "0.5.0",
        "status": "affected"
      },
      {
        "version": "0.5.1",
        "status": "affected"
      },
      {
        "version": "0.5.2",
        "status": "affected"
      },
      {
        "version": "0.5.3",
        "status": "affected"
      },
      {
        "version": "0.5.4",
        "status": "affected"
      },
      {
        "version": "0.5.5",
        "status": "affected"
      },
      {
        "version": "0.5.6",
        "status": "affected"
      },
      {
        "version": "0.5.7",
        "status": "affected"
      },
      {
        "version": "0.5.8",
        "status": "affected"
      },
      {
        "version": "0.5.9",
        "status": "affected"
      }
    ],
    "modules": [
      "HuggingFace Transformer Handler"
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/submit/799263
vuldb	www.vuldb.com/vuln/360817/cti
github	www.github.com/gouldnicholas/CVE-2026-7669-PoC
vuldb	www.vuldb.com/vuln/360817

05 May 2026 19:15Current

6Medium risk

Vulners AI Score6

CVSS 25.1

CVSS 3.15.6

CVSS 46.3

CVSS 35.6

EPSS0.00019

SSVC