Xgrammar

4 CVEs product

Monthly

CVE-2026-25048 PyPI HIGH PATCH This Week

Xgrammar versions prior to 0.1.32 crash when processing multi-level nested syntax structures, causing a denial of service that halts the application. An attacker can trigger this segmentation fault remotely without authentication by submitting crafted input, disrupting any AI/ML system relying on this library for structured generation tasks. No patch is currently available for affected deployments.

Information Disclosure AI / ML Xgrammar Red Hat
NVD GitHub VulDB
CVSS 3.1: 7.5 | EPSS: 0.1%

CVE-2025-58446 PyPI MEDIUM POC PATCH This Week

xgrammar is an open-source library for efficient, flexible, and portable structured generation. This vulnerability is rated medium severity (CVSS 6.9); it is remotely exploitable with low attack complexity and requires no authentication. Public exploit code is available.

Denial Of Service Xgrammar Red Hat
NVD GitHub
CVSS 4.0: 6.9 | EPSS: 0.1%

CVE-2025-57809 PyPI HIGH POC PATCH This Week

XGrammar is an open-source library for efficient, flexible, and portable structured generation. This vulnerability is rated high severity (CVSS 7.7); it is remotely exploitable with low attack complexity and requires no authentication. Public exploit code is available.

Information Disclosure Xgrammar Red Hat
NVD GitHub
CVSS 4.0: 7.7 | EPSS: 0.0%

CVE-2025-32381 PyPI MEDIUM PATCH This Month

XGrammar is an open-source library for efficient, flexible, and portable structured generation. This vulnerability is rated medium severity (CVSS 6.5); it is remotely exploitable with low attack complexity. It is an Allocation of Resources Without Limits vulnerability that could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Xgrammar Red Hat
NVD GitHub
CVSS 3.1: 6.5 | EPSS: 0.3%