CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-58446

xgrammar is an open-source library for efficient, flexible, and portable structured generation. A grammar optimizer introduced in 0.1.23 processes large grammars (>100k characters) at very low rates, and can be used for DOS of model providers. This issue is fixed in version 0.1.24.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 17.4%

CVSS Severity

CVSS v3 Score 7.5

References

https://github.com/mlc-ai/xgrammar/commit/ced69c3ad2f8f61b516cc278a342e7c644383e27
https://github.com/mlc-ai/xgrammar/security/advisories/GHSA-9q5r-wfvf-rr7f

Products affected by CVE-2025-58446

Mlc-Ai » Xgrammar » Version: 0.1.23

cpe:2.3:a:mlc-ai:xgrammar:0.1.23

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-58446

Products

Pricing

Contact Us