CNNVD-202508-2912 Information

CNNVD ID

CNNVD-202508-2912

Related CVE

CVE-2025-57809

• CNNVD Published: 2025-08-25

Description (Chinese)

XGrammar是mlc-ai开源的一个快速、灵活、便携的结构化生成工具。 XGrammar 0.1.21之前版本存在安全漏洞，该漏洞源于语法中存在无限递归问题。

Description (English)

Xgrammar is a fast, flexible, portable, structured generation tool for the mlc-ai open source. There was a security loophole in the previous version of Xgrammar 0.1.21, which stemmed from the problem of unlimited regression in the grammar.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

mlc-ai

Published

2025-08-25

Last Modified

2026-02-24

References

https://github.com/mlc-ai/xgrammar/security/advisories/GHSA-5cmr-4px5-23pc https://github.com/mlc-ai/xgrammar/issues/250 https://github.com/mlc-ai/xgrammar/commit/b943feacb5a1caf4d39de8ec3bf7c7ce066dcee5 https://nvd.nist.gov/vuln/detail/CVE-2025-57809

Patch

https://xgrammar.mlc.ai/docs/