SGLang's reranking endpoint (/v1/rerank) achieves Remote Code Execution (RCE) when a model file containing a malcious tokenizer.chat_template is loaded, as the Jinja2 chat templates are rendered using an unsandboxed jinja2.Environment().
VulnCheck: SGLang's reranking
Exploit
CVE-2026-5760
VulnCheck
Refer to CVE-2026-5760 NVD advisory