AI Alert
AI incidents and vulnerabilities — tracked, sourced, dated.
CVE-2026-7669: Deserialization flaw in SGLang's HuggingFace tokenizer loader
A medium-severity deserialization bug in SGLang's get_tokenizer routine affects all releases up to 0.5.9. The vendor has not responded to the disclosure, and no fixed version is listed.
Recent posts
Subscribe
AI incidents and vulnerabilities — tracked, sourced, dated. — delivered when there's something worth your inbox.
No spam. Unsubscribe anytime.