Malicious GGUF models could give attackers RCE on SGLang inference servers

A critical flaw in SGLang could let attackers turn a standard GGUF model file into a remote code execution path on AI inference servers. The bug, tracked as CVE-2026-5760, affects SGLang’s /v1/rerank endpoint and can execute attacker-controlled Python code when the server loads a poisoned model and processes a rerank request. The issue matters because […] The post Malicious GGUF models could give attackers RCE on SGLang inference servers appeared first on VPN Central.