High severity · NVD Advisory · Published Aug 25, 2025 · Updated Aug 26, 2025
XGrammar affected by Denial of Service by infinite recursion grammars
CVE-2025-57809
Description
XGrammar is an open-source library for efficient, flexible, and portable structured generation. Prior to version 0.1.21, XGrammar has an infinite recursion issue in the grammar. This issue has been resolved in version 0.1.21.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| xgrammar (PyPI) | < 0.1.21 | 0.1.21 |
Affected products
- osv-coords: 2 versions (< 24.04-r15, + 1 more)
- (no CPE), range: < 24.04-r15
- (no CPE), range: < 0.1.21
References
- github.com/advisories/GHSA-5cmr-4px5-23pc (ghsa, ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2025-57809 (ghsa, ADVISORY)
- github.com/mlc-ai/xgrammar/commit/b943feacb5a1caf4d39de8ec3bf7c7ce066dcee5 (ghsa, x_refsource_MISC, WEB)
- github.com/mlc-ai/xgrammar/issues/250 (ghsa, x_refsource_MISC, WEB)
- github.com/mlc-ai/xgrammar/security/advisories/GHSA-5cmr-4px5-23pc (ghsa, x_refsource_CONFIRM, WEB)