CVE-2025-58446

Source
https://cve.org/CVERecord?id=CVE-2025-58446
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-58446.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-58446
Aliases
Related
Published
2025-09-06T19:06:10.141Z
Modified
2026-04-12T18:25:22.033875Z
Severity
  • 6.9 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Summary
xgrammar vulnerable to denial of service by huge enum grammar
Details

xgrammar is an open-source library for efficient, flexible, and portable structured generation. A grammar optimizer introduced in 0.1.23 processes large grammars (>100k characters) very slowly, which can be used for denial of service (DoS) against model providers. This issue is fixed in version 0.1.24.

Database specific
{
    "cwe_ids": [
        "CWE-770"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/58xxx/CVE-2025-58446.json",
    "cna_assigner": "GitHub_M"
}
References

Affected packages

Git / github.com/mlc-ai/xgrammar

Affected ranges

Type
GIT
Repo
https://github.com/mlc-ai/xgrammar
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Fixed
Database specific
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "0.1.23"
        }
    ]
}

Affected versions

v0.*
v0.1.10
v0.1.11
v0.1.12
v0.1.13
v0.1.14
v0.1.15
v0.1.16
v0.1.18
v0.1.19
v0.1.21
v0.1.22
v0.1.23
v0.1.9

Database specific

vanir_signatures
[
    {
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2025-58446-044479bc",
        "digest": {
            "line_hashes": [
            ],
            "threshold": 0.9
        },
        "source": "https://github.com/mlc-ai/xgrammar/commit/ced69c3ad2f8f61b516cc278a342e7c644383e27",
        "signature_type": "Line",
        "target": {
            "file": "cpp/earley_parser.h"
        }
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2025-58446-194aef7e",
        "digest": {
            "length": 762.0,
            "function_hash": "302639118348788553224940390545566869968"
        },
        "source": "https://github.com/mlc-ai/xgrammar/commit/ced69c3ad2f8f61b516cc278a342e7c644383e27",
        "signature_type": "Function",
        "target": {
            "file": "cpp/grammar_printer.cc",
            "function": "GrammarPrinter::PrintGrammarExpr"
        }
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2025-58446-29ca50f3",
        "digest": {
            "length": 2153.0,
            "function_hash": "172792112736910810557844565124458982019"
        },
        "source": "https://github.com/mlc-ai/xgrammar/commit/ced69c3ad2f8f61b516cc278a342e7c644383e27",
        "signature_type": "Function",
        "target": {
            "file": "cpp/grammar_matcher.cc",
            "function": "GrammarMatcher::Impl::AcceptToken"
        }
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2025-58446-3033c2c5",
        "digest": {
            "line_hashes": [
                "56080762061893791002981800371633200640",
                "247022838996726987168913400362756957700",
                "202133637672257738254718743439354295800",
                "271474753884181508874849572505829898309"
            ],
            "threshold": 0.9
        },
        "source": "https://github.com/mlc-ai/xgrammar/commit/ced69c3ad2f8f61b516cc278a342e7c644383e27",
        "signature_type": "Line",
        "target": {
            "file": "cpp/grammar_printer.h"
        }
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2025-58446-39b5d715",
        "digest": {
            "line_hashes": [
            ],
            "threshold": 0.9
        },
        "source": "https://github.com/mlc-ai/xgrammar/commit/ced69c3ad2f8f61b516cc278a342e7c644383e27",
        "signature_type": "Line",
        "target": {
            "file": "cpp/grammar_functor.cc"
        }
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2025-58446-41c1f497",
        "digest": {
            "length": 4726.0,
            "function_hash": "186933299382862111432599159024461122201"
        },
        "source": "https://github.com/mlc-ai/xgrammar/commit/ced69c3ad2f8f61b516cc278a342e7c644383e27",
        "signature_type": "Function",
        "target": {
            "file": "cpp/earley_parser.cc",
            "function": "EarleyParser::ExpandNextRuleRefElement"
        }
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2025-58446-5fd96eae",
        "digest": {
            "line_hashes": [
            ],
            "threshold": 0.9
        },
        "source": "https://github.com/mlc-ai/xgrammar/commit/ced69c3ad2f8f61b516cc278a342e7c644383e27",
        "signature_type": "Line",
        "target": {
            "file": "cpp/grammar_matcher.cc"
        }
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2025-58446-62053a18",
        "digest": {
            "line_hashes": [
                "301951675587110767567120384660367481351",
                "30331493308804867493284790567244068732",
                "206147384760578736552268015727578390479"
            ],
            "threshold": 0.9
        },
        "source": "https://github.com/mlc-ai/xgrammar/commit/ced69c3ad2f8f61b516cc278a342e7c644383e27",
        "signature_type": "Line",
        "target": {
            "file": "cpp/grammar_builder.h"
        }
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2025-58446-87b29b35",
        "digest": {
            "length": 1231.0,
            "function_hash": "161438819130424822980505800123432504714"
        },
        "source": "https://github.com/mlc-ai/xgrammar/commit/ced69c3ad2f8f61b516cc278a342e7c644383e27",
        "signature_type": "Function",
        "target": {
            "file": "cpp/earley_parser.cc",
            "function": "EarleyParser::Complete"
        }
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2025-58446-98b4a8c5",
        "digest": {
            "line_hashes": [
            ],
            "threshold": 0.9
        },
        "source": "https://github.com/mlc-ai/xgrammar/commit/ced69c3ad2f8f61b516cc278a342e7c644383e27",
        "signature_type": "Line",
        "target": {
            "file": "cpp/grammar_parser.cc"
        }
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2025-58446-9f93e3ec",
        "digest": {
            "line_hashes": [
            ],
            "threshold": 0.9
        },
        "source": "https://github.com/mlc-ai/xgrammar/commit/ced69c3ad2f8f61b516cc278a342e7c644383e27",
        "signature_type": "Line",
        "target": {
            "file": "cpp/grammar_functor.h"
        }
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2025-58446-a1ba3f92",
        "digest": {
            "length": 3111.0,
            "function_hash": "11346293221467573360197784199299924289"
        },
        "source": "https://github.com/mlc-ai/xgrammar/commit/ced69c3ad2f8f61b516cc278a342e7c644383e27",
        "signature_type": "Function",
        "target": {
            "file": "cpp/grammar_compiler.cc",
            "function": "GrammarCompiler::Impl::MultiThreadCompileGrammar"
        }
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2025-58446-a2ef5ea3",
        "digest": {
            "length": 1113.0,
            "function_hash": "58117636399936332832491857875034132333"
        },
        "source": "https://github.com/mlc-ai/xgrammar/commit/ced69c3ad2f8f61b516cc278a342e7c644383e27",
        "signature_type": "Function",
        "target": {
            "file": "cpp/earley_parser.cc",
            "function": "EarleyParser::Predict"
        }
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2025-58446-b53c921d",
        "digest": {
            "line_hashes": [
            ],
            "threshold": 0.9
        },
        "source": "https://github.com/mlc-ai/xgrammar/commit/ced69c3ad2f8f61b516cc278a342e7c644383e27",
        "signature_type": "Line",
        "target": {
            "file": "cpp/grammar_compiler.cc"
        }
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2025-58446-bbee0160",
        "digest": {
            "line_hashes": [
            ],
            "threshold": 0.9
        },
        "source": "https://github.com/mlc-ai/xgrammar/commit/ced69c3ad2f8f61b516cc278a342e7c644383e27",
        "signature_type": "Line",
        "target": {
            "file": "cpp/earley_parser.cc"
        }
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2025-58446-c8bbaf96",
        "digest": {
            "line_hashes": [
            ],
            "threshold": 0.9
        },
        "source": "https://github.com/mlc-ai/xgrammar/commit/ced69c3ad2f8f61b516cc278a342e7c644383e27",
        "signature_type": "Line",
        "target": {
            "file": "cpp/grammar_printer.cc"
        }
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2025-58446-d3e699a7",
        "digest": {
            "line_hashes": [
            ],
            "threshold": 0.9
        },
        "source": "https://github.com/mlc-ai/xgrammar/commit/ced69c3ad2f8f61b516cc278a342e7c644383e27",
        "signature_type": "Line",
        "target": {
            "file": "cpp/grammar_impl.h"
        }
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2025-58446-eede1961",
        "digest": {
            "length": 1460.0,
            "function_hash": "24021563019220537387460125884267839688"
        },
        "source": "https://github.com/mlc-ai/xgrammar/commit/ced69c3ad2f8f61b516cc278a342e7c644383e27",
        "signature_type": "Function",
        "target": {
            "file": "cpp/grammar_parser.cc",
            "function": "EBNFParser::HandleRepetitionRange"
        }
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2025-58446-f6347b03",
        "digest": {
            "length": 795.0,
            "function_hash": "294019817607821468271453521369723363456"
        },
        "source": "https://github.com/mlc-ai/xgrammar/commit/ced69c3ad2f8f61b516cc278a342e7c644383e27",
        "signature_type": "Function",
        "target": {
            "file": "cpp/grammar_compiler.cc",
            "function": "GrammarMatcherForTokenMaskCache::IsTokenPassLookaheadAssertion"
        }
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2025-58446-fe58a21d",
        "digest": {
            "length": 477.0,
            "function_hash": "165877701480443407759217814872025261082"
        },
        "source": "https://github.com/mlc-ai/xgrammar/commit/ced69c3ad2f8f61b516cc278a342e7c644383e27",
        "signature_type": "Function",
        "target": {
            "file": "cpp/grammar_functor.cc",
            "function": "SeqExprIsEpsilon"
        }
    }
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-58446.json"
vanir_signatures_modified
"2026-04-12T18:25:22Z"