VYPR
High severity · NVD Advisory · Published Mar 5, 2026 · Updated Mar 5, 2026

xgrammar: Multi-layer nesting causes DoS

CVE-2026-25048

Description

xgrammar is an open-source library for efficient, flexible, and portable structured generation. Prior to version 0.1.32, the multi-level nested syntax caused a segmentation fault (core dumped). This issue has been patched in version 0.1.32.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Multi-level nested syntax in xgrammar prior to 0.1.32 causes a segmentation fault, enabling denial of service via crafted grammar rules.

CVE-2026-25048 is a denial-of-service vulnerability in xgrammar, an open-source library for structured generation. The issue arises from improper handling of multi-level nested syntax in grammar definitions, which triggers a segmentation fault (core dump) when processed [1][3].

An attacker can exploit this by providing a crafted grammar rule containing an excessive number of nested parentheses—for example, 30,000 layers—as demonstrated in the proof-of-concept [3]. This causes a stack overflow or memory exhaustion during grammar compilation, leading to a crash of the application using xgrammar [3].

The impact is a denial of service, as the segmentation fault terminates the process. No authentication or special privileges are required if the attacker can supply a grammar to the library, making it exploitable in any service that accepts user-defined grammars [3].

The vulnerability has been patched in xgrammar version 0.1.32 [4]. Users are advised to upgrade to the latest version. No workarounds are documented; the fix addresses the root cause by improving handling of deeply nested syntax [4].

AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
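The narrative above describes the trigger as a grammar rule whose literal bracket nesting is extremely deep (on the order of 30,000 layers), which exhausts the stack during grammar compilation. Upgrading to 0.1.32 is the fix; the advisory documents no workaround. As an added illustration of the kind of pre-check a service that accepts user-supplied grammars could place in front of the compiler, the following Python is not xgrammar's code and does not call its API. The bracket set, the assumed EBNF-style double-quoted terminals, the depth limit and the sample grammars are all assumptions constructed for this example.

```python
# Added example, not part of xgrammar: a defensive nesting-depth gate that a
# service can run over a grammar string before handing it to a grammar
# compiler. Everything here (limit, bracket set, quoting rules) is assumed.

MAX_NESTING_DEPTH = 256  # assumed policy limit; tune to what real grammars need

# Bracket pairs counted as nesting (assumed to match EBNF-style grouping).
OPENERS = {"(": ")", "[": "]", "{": "}"}


def max_nesting_depth(grammar: str) -> int:
    """Return the deepest bracket nesting found in `grammar`.

    Brackets inside double-quoted terminals ("...") are ignored, and a
    backslash escapes the next character inside such a terminal, so
    "\\"(" does not open a group. Unmatched closers are skipped.
    """
    stack = []          # expected closers for the groups currently open
    deepest = 0
    in_string = False
    escaped = False
    for ch in grammar:
        if in_string:
            if escaped:
                escaped = False
            elif ch == "\\":
                escaped = True
            elif ch == '"':
                in_string = False
            continue
        if ch == '"':
            in_string = True
        elif ch in OPENERS:
            stack.append(OPENERS[ch])
            deepest = max(deepest, len(stack))
        elif stack and ch == stack[-1]:
            stack.pop()
    return deepest


def check_grammar_depth(grammar: str, limit: int = MAX_NESTING_DEPTH) -> bool:
    """True when the grammar's literal nesting is within `limit` and it may be
    passed on to the compiler; False means reject it before compilation."""
    return max_nesting_depth(grammar) <= limit


# Constructed sample inputs (not taken from the advisory or its PoC file).
SAFE_GRAMMAR = 'root ::= "(" (root | "") ")"'       # shallow literal nesting
DEEP_GRAMMAR = "root ::= " + "(" * 30000 + '"x"' + ")" * 30000  # 30,000 layers


if __name__ == "__main__":
    for name, g in (("safe", SAFE_GRAMMAR), ("deep", DEEP_GRAMMAR)):
        verdict = "accept" if check_grammar_depth(g) else "reject"
        print(f"{name}: depth={max_nesting_depth(g)} -> {verdict}")
```

The gate is linear in the input size and uses a heap-allocated list rather than recursion, so it cannot itself be tipped over by the input it is screening. It only measures literal bracket nesting, the pattern the advisory describes; recursion expressed through rule references is a different question and is not what this check is for, and the check does not replace upgrading to 0.1.32.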

Affected packages

Versions sourced from the GitHub Security Advisory.

Package            Affected versions    Patched versions
xgrammar (PyPI)    < 0.1.32             0.1.32

Affected products (2)

  • Mlc Ai/Xgrammar (llm-fuzzy), 2 versions: <0.1.32 + 1 more
    • (no CPE) range: <0.1.32
    • (no CPE) range: < 0.1.32

Patches (0)

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References (4)

News mentions (0)

No linked articles in our index yet.