Lucene search
K

4 matches found

OSV
OSV
added 2026/06/29 11:50 a.m.5 views

PYSEC-2026-539 SGLang's multimodal generation module is vulnerable to unauthenticated remote code execution through the ZMQ broker

SGLang's multimodal generation module is vulnerable to unauthenticated remote code execution through the ZMQ broker, which deserializes untrusted data using pickle.loads without authentication...

9.8CVSS7.4AI score0.01534EPSS
Exploits1References9
Github Security Blog
Github Security Blog
added 2026/03/12 12:30 p.m.8 views

SGLang's multimodal generation module is vulnerable to unauthenticated remote code execution through the ZMQ broker

SGLang's multimodal generation module is vulnerable to unauthenticated remote code execution through the ZMQ broker, which deserializes untrusted data using pickle.loads without authentication...

9.8CVSS6.3AI score0.01534EPSS
Exploits1References7Affected Software1
CVE
CVE
added 2026/03/12 11:37 a.m.27 views

CVE-2026-3059

CVE-2026-3059 affects SGLang’s multimodal generation module via the ZMQ broker, where unauthenticated data can be deserialized with pickle.loads(), enabling remote code execution. The vulnerability arises from deserializing untrusted data without authentication. The provided documents do not spec...

9.8CVSS6.3AI score0.01534EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2026/03/12 12:0 a.m.8 views

sglang 安全漏洞

SGLang is a programming language and runtime system developed by SGL-project, aimed at accelerating large model inference. SGLang has a security vulnerability that stems from the multi-modal generation module deserializing unvalidated data through the ZMQ proxy, potentially allowing remote code...

9.8CVSS7.1AI score0.01534EPSS
Exploits1References4
Rows per page
Query Builder