AI Security Open Source Hardware Apple Policy

#cve-2026-5760

Related: #ai-security · 1 #gguf · 1 #jinja2 · 1 #llm · 1 #rce · 1 #sglang · 1 #supply-chain · 1

A malicious GGUF file owns your SGLang server: CVE-2026-5760 is an unpatched 9.8

SGLang's reranker renders chat templates without a sandbox. Load a hostile GGUF, hit /v1/rerank, and the attacker has Python on your inference box. No patch yet.