
13 matches found

Snyk
added 2026/05/18 12:31 p.m. | 7 views

Deserialization of Untrusted Data

Overview: sglang is a fast serving framework for large language models and vision language models. Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the ROUTER socket, which binds to 0.0.0.0 by default and deserializes incoming messages using...

CVSS 9.8 | AI score 6.1 | EPSS 0.0006
Exploits 0 | References 2

Snyk
added 2026/05/18 12:31 p.m. | 5 views

Directory Traversal

Overview: sglang is a fast serving framework for large language models and vision language models. Affected versions of this package are vulnerable to Directory Traversal via the upload filename parameter in specific endpoints. An unauthenticated attacker can overwrite or create...

CVSS 9.1 | AI score 6.3 | EPSS 0.00099
Exploits 0 | References 2

OSV
added 2026/05/18 12:31 p.m. | 2 views

GHSA-QWRP-WGHP-94Q2 SGLang's multimodal generation runtime has an unauthenticated path traversal vulnerability

SGLang's multimodal generation runtime is vulnerable to an unauthenticated path traversal vulnerability, allowing an attacker to write arbitrary files anywhere the server process has write access, by including ../ sequences in the upload filename when sent to specific endpoints...

CVSS 9.1 | AI score 5.9 | EPSS 0.00099
Exploits 0 | References 4

GitHub Security Blog
added 2026/05/18 12:31 p.m. | 6 views

SGLang: Unauthenticated RCE via --enable-custom-logit-processor

SGLang's multimodal generation runtime is vulnerable to unauthenticated remote code execution when the --enable-custom-logit-processor option is enabled, as Python objects loaded via dill.loads will be deserialized without validation...

CVSS 9.8 | AI score 6.4 | EPSS 0.00426
Exploits 0 | References 4 | Affected Software 1

NVD
added 2026/05/18 12:16 p.m. | 6 views

CVE-2026-7302

SGLang's multimodal generation runtime is vulnerable to an unauthenticated path traversal vulnerability, allowing an attacker to write arbitrary files anywhere the server process has write access, by including ../ sequences in the upload filename when sent to specific endpoints...

CVSS 9.1 | EPSS 0.00099
Exploits 0 | References 2

Vulnrichment
added 2026/05/18 10:39 a.m. | 5 views

CVE-2026-7304

SGLang's multimodal generation runtime is vulnerable to unauthenticated remote code execution when the --enable-custom-logit-processor option is enabled, as Python objects loaded via dill.loads will be deserialized without validation...

AI score 6.4 | EPSS 0.00426
Exploits 0 | References 2

CVE
added 2026/05/18 10:39 a.m. | 13 views

CVE-2026-7302

The CVE-2026-7302 entry concerns SGLang's multimodal generation runtime, which is vulnerable to an unauthenticated path traversal flaw. An attacker can craft upload filenames containing "../" to cause the server process to write arbitrary files to locations where it has write access, via specific en...

CVSS 9.1 | AI score 5.9 | EPSS 0.00099
Exploits 0 | References 2 | Affected Software 1

Vulnrichment
added 2026/05/18 10:39 a.m. | 5 views

CVE-2026-7302

SGLang's multimodal generation runtime is vulnerable to an unauthenticated path traversal vulnerability, allowing an attacker to write arbitrary files anywhere the server process has write access, by including ../ sequences in the upload filename when sent to specific endpoints...

AI score 5.9 | EPSS 0.00099
Exploits 0 | References 2

CVE
added 2026/05/18 10:38 a.m. | 24 views

CVE-2026-7301

CVE-2026-7301 affects the SGLang multicast/multimodal generation runtime (sglang). The vulnerability stems from the ROUTER socket binding to 0.0.0.0 by default and a sink that calls pickle.loads() on incoming messages, enabling remote code execution when exposed to the internet. Affected componen...

CVSS 9.8 | AI score 5.8 | EPSS 0.0006
Exploits 0 | References 2 | Affected Software 1

Cvelist
added 2026/05/18 10:38 a.m. | 40 views

CVE-2026-7301

SGLang's multimodal generation runtime scheduler's ROUTER socket binds to 0.0.0.0 by default and contains a sink that calls pickle.loads on incoming messages, enabling RCE when exposed to the internet...

EPSS 0.0006
Exploits 0 | References 2

ATTACKERKB
added 2026/05/18 10:38 a.m. | 4 views

CVE-2026-7301

SGLang's multimodal generation runtime scheduler's ROUTER socket binds to 0.0.0.0 by default and contains a sink that calls pickle.loads on incoming messages, enabling RCE when exposed to the internet...

CVSS 9.8 | AI score 5.8 | EPSS 0.0006
Exploits 0 | References 3 | Affected Software 1

CNNVD
added 2026/05/18 12:00 a.m. | 5 views

sglang security vulnerability

SGLang is a programming language and runtime system developed by SGL-project, aimed at accelerating large model inference. SGLang has a security vulnerability, which stems from unvalidated path traversal in the multimodal generation runtime. This vulnerability could allow attackers to send files ...

CVSS 9.1 | AI score 5.9 | EPSS 0.00099
Exploits 0 | References 1

CERT
added 2026/05/18 12:00 a.m. | 7 views

SGLang contains two remote code execution and one path traversal vulnerability

Overview: Three vulnerabilities have been discovered in the SGLang project, two enabling remote code execution (RCE), and one regarding a path traversal vulnerability. In order for an attacker to exploit these vulnerabilities, the multimodal generation mode must be enabled, and an attacker must have...

CVSS 9.8 | AI score 6.5 | EPSS 0.00426
Exploits 0 | References 2