CNNVD-202509-944 Information

CNNVD ID

CNNVD-202509-944

Related CVE

CVE-2025-58446

• CNNVD Published: 2025-09-06

Description (Chinese)

XGrammar是mlc-ai开源的一个快速、灵活、便携的结构化生成工具。 xgrammar 0.1.23版本存在安全漏洞，该漏洞源于语法优化器处理大型语法时效率过低，可能导致拒绝服务攻击。

Description (English)

Xgrammar is a fast, flexible, portable, structured generation tool for the mlc-ai open source. The security gap in xgrammar 0.1.23 results from the inefficient handling of large syntax by the syntax optimizer, which may lead to a denial of service attack.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

MNBikeways

Published

2025-09-06

Last Modified

2026-02-24

References

https://github.com/mlc-ai/xgrammar/commit/ced69c3ad2f8f61b516cc278a342e7c644383e27 https://github.com/mlc-ai/xgrammar/security/advisories/GHSA-9q5r-wfvf-rr7f https://access.redhat.com/security/cve/cve-2025-58446

Patch

https://github.com/mlc-ai/xgrammar/releases