Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-27461

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00376EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/09/11 7:25 p.m.6 views

CVE-2025-10164

A security flaw has been discovered in lmsys sglang 0.4.6. Affected by this vulnerability is the function main of the file /updateweightsfromtensor. The manipulation of the argument serializednamedtensors results in deserialization. The attack can be launched remotely. The exploit has been releas...

7.5CVSS6.6AI score0.00376EPSS
Exploits0References1
OSV
OSV
added 2025/09/09 9:30 p.m.2 views

GHSA-9W53-XR52-MWGJ SGLang Remote Code Execution Vulnerability via Unsafe Deserialization in update_weights_from_tensor

A security flaw has been discovered in lmsys sglang 0.4.6. Affected by this vulnerability is the function main of the file /updateweightsfromtensor. The manipulation of the argument serializednamedtensors results in deserialization. The attack can be launched remotely. The exploit has been releas...

7.3CVSS6.8AI score0.00376EPSS
Exploits0References6
NVD
NVD
added 2025/09/09 7:15 p.m.3 views

CVE-2025-10164

A security flaw has been discovered in lmsys sglang 0.4.6. Affected by this vulnerability is the function main of the file /updateweightsfromtensor. The manipulation of the argument serializednamedtensors results in deserialization. The attack can be launched remotely. The exploit has been releas...

7.5CVSS0.00376EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/09/09 6:32 p.m.3 views

CVE-2025-10164 lmsys sglang update_weights_from_tensor main deserialization

A security flaw has been discovered in lmsys sglang 0.4.6. Affected by this vulnerability is the function main of the file /updateweightsfromtensor. The manipulation of the argument serializednamedtensors results in deserialization. The attack can be launched remotely. The exploit has been releas...

7.5CVSS6.4AI score0.00376EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/09/09 6:32 p.m.10 views

CVE-2025-10164 lmsys sglang update_weights_from_tensor main deserialization

A security flaw has been discovered in lmsys sglang 0.4.6. Affected by this vulnerability is the function main of the file /updateweightsfromtensor. The manipulation of the argument serializednamedtensors results in deserialization. The attack can be launched remotely. The exploit has been releas...

7.5CVSS0.00376EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.16 views

PT-2025-36911

Name of the Vulnerable Software and Affected Versions lmsys sglang version 0.4.6 Description A security flaw exists in lmsys sglang version 0.4.6. The issue involves the main function within the /update weights from tensor file, which is susceptible to deserialization due to manipulation of the...

7.5CVSS7.2AI score0.00376EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/09/09 12:0 a.m.4 views

LMSYS SGLang 代码问题漏洞

LMSYS SGLang is a large language model inference engine from LMSYS open source. A code issue vulnerability exists in LMSYS SGLang version 0.4.6, which stems from a misbehavior of the parameter serializednamedtensors of the function main in the file /updateweightsfromtensor resulting in...

7.5CVSS7.4AI score0.00376EPSS
Exploits0References4
Rows per page
Query Builder