TGTGInsighttelegram intelligenceLIVE / telegram public index
← The Hacker News
View original
The Hacker News avatar

TGINSIGHT POST

Post #8834

@thehackernews

The Hacker News

Views9,270Post view count
PostedApr 2004/20/2026, 05:15 PM
Post content

Post content

⚠️ SGLang has a critical flaw enabling remote code execution (CVSS 9.8) via malicious GGUF model files. A crafted Jinja2 template runs when /v1/rerank is triggered, executing attacker code on the server. 🔗 How GGUF templates become an RCE path → https://thehackernews.com/2026/04/sglang-cve-2026-5760-cvss-98-enables.html