CVE-2025-57809

7.5 HIGH

📋 TL;DR

CVE-2025-57809 is an infinite recursion vulnerability in the XGrammar library, affecting versions before 0.1.21. An attacker who can supply grammar input can cause a denial of service (DoS) by triggering uncontrolled recursion that consumes system resources. Any application that uses a vulnerable XGrammar version for structured generation is affected.

💻 Affected Systems

Products:
  • XGrammar library
Versions: All versions before 0.1.21
Operating Systems: All platforms where XGrammar runs
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in the core grammar processing logic, affecting all configurations using vulnerable versions.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete system resource exhaustion leading to denial of service, potentially crashing the application or host system.

🟠 Likely Case: Application instability, performance degradation, or service disruption when processing malicious grammar inputs.

🟢 If Mitigated: Minimal impact with proper input validation and resource limits in place.

🌐 Internet-Facing: MEDIUM - Exploitable if application accepts external grammar inputs, but requires specific triggering conditions.
🏢 Internal Only: LOW - Lower risk in controlled environments with trusted inputs.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires crafting specific grammar inputs that trigger infinite recursion, which is relatively straightforward for knowledgeable attackers.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 0.1.21

Vendor Advisory: https://github.com/mlc-ai/xgrammar/security/advisories/GHSA-5cmr-4px5-23pc

Restart Required: Yes

Instructions:

1. Identify the XGrammar version in your environment
2. Update to version 0.1.21 or later using your package manager
3. Restart any services that use XGrammar
4. Test grammar processing functionality

🔧 Temporary Workarounds

  • Input validation and sanitization (all): Implement strict input validation to reject potentially malicious grammar structures before processing.
  • Resource limiting (all): Configure recursion depth limits and timeout mechanisms in applications using XGrammar.

🧯 If You Can't Patch

  • Implement network segmentation to isolate vulnerable systems
  • Deploy application-level firewalls to filter suspicious grammar inputs

🔍 How to Verify

Check if Vulnerable:

Check the XGrammar version in your package manifest, or run 'pip show xgrammar' for Python installations

Check Version:

pip show xgrammar | grep Version

Verify Fix Applied:

Confirm the installed version is 0.1.21 or later, then test with the grammar inputs that previously caused problems
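The version check above can be scripted so it runs the same way on every host. The following is an added example, not code from the advisory or from the XGrammar project: it reads the installed distribution metadata for the pip package (assumed to be named `xgrammar`, as in the 'pip show' command above) and compares it against the fixed release 0.1.21 stated on this page. The pre-release handling (treating 0.1.21rc1 or 0.1.21.dev0 as still vulnerable) is a conservative choice made here, not something the advisory specifies.

```python
"""Added example: flag an installed xgrammar older than the fixed release 0.1.21."""
import re
from importlib import metadata
from typing import Optional, Tuple

# First release carrying the fix, taken from the advisory summary on this page.
FIXED_VERSION = "0.1.21"

_VERSION_RE = re.compile(r"^(\d+(?:\.\d+)*)(?:[.\-]?(a|b|rc|dev)(\d*))?")


def parse_version(version: str) -> tuple:
    """Turn a PEP 440-style version string into a comparable tuple.

    Numeric components are padded to four places so 0.1 == 0.1.0. A
    pre-release tag (a, b, rc, dev) sorts below the final release of the
    same number, so 0.1.21rc1 is still counted as vulnerable (conservative
    assumption made in this example, not stated by the advisory).
    """
    m = _VERSION_RE.match(version.strip().lower())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    nums = tuple(int(part) for part in m.group(1).split("."))
    nums = nums + (0,) * (4 - len(nums))
    if m.group(2):
        pre = (0, m.group(2), int(m.group(3) or 0))  # pre-release: below final
    else:
        pre = (1, "", 0)                             # final release
    return nums + pre


def is_vulnerable(version: str) -> bool:
    """True when `version` is older than the fixed release."""
    return parse_version(version) < parse_version(FIXED_VERSION)


def check_installed(dist_name: str = "xgrammar") -> Tuple[Optional[str], bool]:
    """Return (installed version or None, vulnerable flag) for this interpreter."""
    try:
        installed = metadata.version(dist_name)
    except metadata.PackageNotFoundError:
        return None, False
    return installed, is_vulnerable(installed)


if __name__ == "__main__":
    version, vulnerable = check_installed()
    if version is None:
        print("xgrammar is not installed in this interpreter")
    elif vulnerable:
        print(f"xgrammar {version} is affected by CVE-2025-57809; "
              f"upgrade to {FIXED_VERSION} or later")
    else:
        print(f"xgrammar {version} is at or beyond the fixed release {FIXED_VERSION}")
```

Run it with the same interpreter that the application uses; a different interpreter or virtual environment may report a different installed version than the one actually loaded at runtime.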

📡 Detection & Monitoring

Log Indicators:

  • Unusual recursion depth warnings
  • Process termination due to resource exhaustion
  • Abnormal CPU/memory spikes during grammar processing

Network Indicators:

  • Repeated grammar processing requests from single sources
  • Unusually large grammar payloads

SIEM Query:

source="application.logs" AND ("recursion depth exceeded" OR "memory limit" OR "xgrammar")
