Description
A vulnerability was detected in sgl-project SGLang up to 0.5.9. Impacted is the function get_tokenizer of the file python/sglang/srt/utils/hf_transformers_utils.py of the component HuggingFace Transformer Handler. The manipulation results in deserialization. The attack can be executed remotely. A high complexity level is associated with this attack. The exploitability is considered difficult. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-05-02
Score: 6.3 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A deserialization flaw in the get_tokenizer function of the HuggingFace Transformer Handler module in sgl-project SGLang allows an attacker to supply crafted data that will be deserialized, potentially enabling the execution of arbitrary code on the target system. The vulnerability requires the attacker to reach the affected function remotely, and the attack is considered complex and difficult to execute, but if successful it would give the attacker control over the affected environment and compromise confidentiality, integrity, and availability.

Affected Systems

The affected product is sgl-project SGLang, with versions up to and including 0.5.9 vulnerable to this flaw. No further version or patch information is provided in the CVE data.

Risk and Exploitability

The CVSS v4.0 score of 6.3 corresponds to medium severity (the v2/v3 vectors rate the confidentiality, integrity, and availability impacts as Low, consistent with this), and EPSS data is not available, so the likelihood of exploitation remains unknown. The vulnerability is not listed in CISA's KEV catalog. The attack vector is network-reachable with no privileges or user interaction required, but the high attack complexity means an attacker would need significant expertise and resources to successfully weaponize this flaw.

Generated by OpenCVE AI on May 2, 2026 at 23:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade sgl-project SGLang to a release that includes a fix for the deserialization flaw as soon as one is published; at the time of writing no vendor fix or workaround is listed.
  • Until then, disable or restrict external access to any service path that reaches the get_tokenizer function in python/sglang/srt/utils/hf_transformers_utils.py, so that only trusted callers can influence its input.
  • Monitor logs for anomalous invocations of get_tokenizer (unexpected callers, unfamiliar model or tokenizer sources) and block suspicious traffic at the network boundary.


Tracking


Advisories

No advisories yet.

History

Sat, 02 May 2026 22:15:00 +0000

Type: Description
Values Removed: (none)
Values Added: A vulnerability was detected in sgl-project SGLang up to 0.5.9. Impacted is the function get_tokenizer of the file python/sglang/srt/utils/hf_transformers_utils.py of the component HuggingFace Transformer Handler. The manipulation results in deserialization. The attack can be executed remotely. A high complexity level is associated with this attack. The exploitability is considered difficult. The vendor was contacted early about this disclosure but did not respond in any way.

Type: Title
Values Removed: (none)
Values Added: sgl-project SGLang HuggingFace Transformer hf_transformers_utils.py get_tokenizer deserialization

Type: Weaknesses
Values Removed: (none)
Values Added: CWE-20, CWE-502

Type: References
Values Removed: (none)
Values Added: (none)

Type: Metrics
Values Removed: (none)
Values Added:

cvssV2_0: {'score': 5.1, 'vector': 'AV:N/AC:H/Au:N/C:P/I:P/A:P/E:ND/RL:ND/RC:UR'}

cvssV3_0: {'score': 5.6, 'vector': 'CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:R'}

cvssV3_1: {'score': 5.6, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:R'}

cvssV4_0: {'score': 6.3, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X'}



MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-05-02T22:00:19.859Z

Reserved: 2026-05-02T08:00:13.701Z

Link: CVE-2026-7669

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-05-02T22:16:24.080

Modified: 2026-05-02T22:16:24.080

Link: CVE-2026-7669

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-02T23:30:05Z

Weaknesses