Stuub/SGLang-0.5.9-RCE

Releases0

Stars4

Proof of Concept exploitation of CVE-2026-5760 - RCE in SGLang 0.5.9 via malicious GGUF

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2026-5760 ↗	Apr 20, 2026Monday, 20 April 2026, 14:16	9.8 CRITICAL	—
SGLang's reranking endpoint (/v1/rerank) achieves Remote Code Execution (RCE) when a model file containing a malcious tokenizer.chat_template is loaded, as the Jinja2 chat templates are rendered using an unsandboxed jinja2.Environment().