6 matches found
CVE-2026-7669
A vulnerability was detected in sgl-project SGLang up to 0.5.9. Impacted is the function gettokenizer of the file python/sglang/srt/utils/hftransformersutils.py of the component HuggingFace Transformer Handler. The manipulation of the argument trustremotecode with the input False as part of Boole...
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Overview sglang is a SGLang is a fast serving framework for large language models and vision language models. Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' via the gettokenizer function in the...
CVE-2026-7669
A vulnerability was detected in sgl-project SGLang up to 0.5.9. Impacted is the function gettokenizer of the file python/sglang/srt/utils/hftransformersutils.py of the component HuggingFace Transformer Handler. The manipulation of the argument trustremotecode with the input False as part of Boole...
CVE-2026-7669
A vulnerability was detected in sgl-project SGLang up to 0.5.9. Impacted is the function gettokenizer of the file python/sglang/srt/utils/hftransformersutils.py of the component HuggingFace Transformer Handler. The manipulation of the argument trustremotecode with the input False as part of Boole...
CVE-2026-7669
Affected software: sgl-project SGLang (up to 0.5.9). The vulnerability targets the function get_tokenizer in python/sglang/srt/utils/hf_transformers_utils.py within the HuggingFace Transformer Handler. Root cause is deserialization triggered by input manipulation. Impact is remote execution with ...
EUVD-2026-26802
A vulnerability was detected in sgl-project SGLang up to 0.5.9. Impacted is the function gettokenizer of the file python/sglang/srt/utils/hftransformersutils.py of the component HuggingFace Transformer Handler. The manipulation results in deserialization. The attack can be executed remotely. A hi...