Lucene search
K

244 matches found

Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.21 views

PT-2026-46167

A weakness has been identified in PaddlePaddle FastDeploy up to 2.4.1. Affected by this issue is the function hash features of the file fastdeploy/multimodal/hasher.py of the component MultimodalHasher. Executing a manipulation can lead to use of weak hash. The attack requires local access. A hig...

3.6CVSS5.2AI score0.00075EPSS
Exploits0References9
OSV
OSV
added 2026/05/18 12:31 p.m.7 views

GHSA-QWRP-WGHP-94Q2 SGLang's multimodal generation runtime has an unauthenticated path traversal vulnerability

SGLang's multimodal generation runtime is vulnerable to an unauthenticated path traversal vulnerability, allowing an attacker to write arbitrary files anywhere the server process has write access, by including ../ sequences in the upload filename when sent to specific endpoints...

9.1CVSS5.9AI score0.00386EPSS
Exploits0References4
Snyk
Snyk
added 2026/05/18 12:31 p.m.8 views

Directory Traversal

Overview sglang is a SGLang is a fast serving framework for large language models and vision language models. Affected versions of this package are vulnerable to Directory Traversal via the upload filename parameter in specific endpoints. An unauthenticated attacker can overwrite or create...

9.1CVSS6.3AI score0.00386EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/18 12:31 p.m.10 views

Deserialization of Untrusted Data

Overview sglang is a SGLang is a fast serving framework for large language models and vision language models. Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the ROUTER socket which binds to 0.0.0.0 by default and deserializes incoming messages using...

9.8CVSS6.1AI score0.00399EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/18 12:31 p.m.19 views

SGLang's multimodal generation runtime has an unauthenticated path traversal vulnerability

SGLang's multimodal generation runtime is vulnerable to an unauthenticated path traversal vulnerability, allowing an attacker to write arbitrary files anywhere the server process has write access, by including ../ sequences in the upload filename when sent to specific endpoints...

9.1CVSS5.9AI score0.00386EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/05/18 12:31 p.m.9 views

GHSA-GWV6-PQ6M-P3RQ SGLanG: Multimodal scheduler deserializes untrusted pickle data on 0.0.0.0 ROUTER socket

SGLang's multimodal generation runtime scheduler's ROUTER socket binds to 0.0.0.0 by default and contains a sink that calls pickle.loads on incoming messages, enabling RCE when exposed to the internet...

9.8CVSS5.8AI score0.00399EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/05/18 12:31 p.m.13 views

SGLang: Unauthenticated RCE via --enable-custom-logit-processor

SGLang's multimodal generation runtime is vulnerable to unauthenticated remote code execution when the --enable-custom-logit-processor option is enabled, as Python objects loaded via dill.loads will be deserialized without validation...

9.8CVSS6.4AI score0.00585EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/18 12:31 p.m.14 views

SGLanG: Multimodal scheduler deserializes untrusted pickle data on 0.0.0.0 ROUTER socket

SGLang's multimodal generation runtime scheduler's ROUTER socket binds to 0.0.0.0 by default and contains a sink that calls pickle.loads on incoming messages, enabling RCE when exposed to the internet...

9.8CVSS5.8AI score0.00399EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/05/18 12:16 p.m.19 views

CVE-2026-7302

SGLangs multimodal generation runtime is vulnerable to an unauthenticated path traversal vulnerability, allowing an attacker to write arbitrary files anywhere the server process has write access, by including ../ sequences in the upload filename when sent to specific endpoints...

9.1CVSS0.00386EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/18 10:39 a.m.9 views

CVE-2026-7304 CVE-2026-7304

SGLangs multimodal generation runtime is vulnerable to unauthenticated remote code execution when the --enable-custom-logit-processor option is enabled, as Python objects loaded via dill.loads will be deserialized without validation...

6.4AI score0.00585EPSS
Exploits0References2
OSV
OSV
added 2026/05/18 10:39 a.m.5 views

CVE-2026-7304 CVE-2026-7304

SGLangs multimodal generation runtime is vulnerable to unauthenticated remote code execution when the --enable-custom-logit-processor option is enabled, as Python objects loaded via dill.loads will be deserialized without validation...

9.8CVSS6.6AI score0.00585EPSS
Exploits0References4
CVE
CVE
added 2026/05/18 10:39 a.m.26 views

CVE-2026-7302

The CVE-2026-7302 entry concerns the SGLangs multimodal generation runtime, which is vulnerable to an unauthenticated path traversal flaw. An attacker can craft upload filenames containing "../" to cause the server process to write arbitrary files to locations it has write access, via specific en...

9.1CVSS5.9AI score0.00386EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/18 10:39 a.m.12 views

CVE-2026-7302 CVE-2026-7302

SGLangs multimodal generation runtime is vulnerable to an unauthenticated path traversal vulnerability, allowing an attacker to write arbitrary files anywhere the server process has write access, by including ../ sequences in the upload filename when sent to specific endpoints...

5.9AI score0.00386EPSS
Exploits0References2
CVE
CVE
added 2026/05/18 10:38 a.m.41 views

CVE-2026-7301

CVE-2026-7301 affects the SGLang multicast/multimodal generation runtime (sglang). The vulnerability stems from the ROUTER socket binding to 0.0.0.0 by default and a sink that calls pickle.loads() on incoming messages, enabling remote code execution when exposed to the internet. Affected componen...

9.8CVSS5.8AI score0.00399EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/05/18 10:38 a.m.4 views

CVE-2026-7301 CVE-2026-7301

SGLangs multimodal generation runtime scheduler's ROUTER socket binds to 0.0.0.0 by default and contains a sink that calls pickle.loads on incoming messages, enabling RCE when exposed to the internet...

9.8CVSS6AI score0.00399EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/18 10:38 a.m.62 views

CVE-2026-7301 CVE-2026-7301

SGLangs multimodal generation runtime scheduler's ROUTER socket binds to 0.0.0.0 by default and contains a sink that calls pickle.loads on incoming messages, enabling RCE when exposed to the internet...

0.00399EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/18 10:38 a.m.22 views

CVE-2026-7301

SGLangs multimodal generation runtime scheduler's ROUTER socket binds to 0.0.0.0 by default and contains a sink that calls pickle.loads on incoming messages, enabling RCE when exposed to the internet...

9.8CVSS5.8AI score0.00399EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/18 12:0 a.m.11 views

PT-2026-41670

Name of the Vulnerable Software and Affected Versions SGLang affected versions not specified Description The multimodal generation runtime allows unauthenticated remote code execution when the --enable-custom-logit-processor option is active. This occurs because Python objects loaded through the...

9.8CVSS6.4AI score0.00585EPSS
Exploits0References13
Packet Storm News
Packet Storm News
added 2026/05/18 12:0 a.m.11 views

Hallucination As Exploit: Evidence-Carrying Multimodal Agents

Multimodal agents use screenshots, documents, and webpages to choose tool calls. When a false visual claim triggers a click, email, extraction, or transfer, hallucination becomes an authorization failure rather than an answer-quality error. We formalize this failure mode as hallucination-to-actio...

5.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/18 12:0 a.m.26 views

PT-2026-41669

Name of the Vulnerable Software and Affected Versions SGLangs multimodal generation runtime affected versions not specified Description An unauthenticated path traversal flaw allows an attacker to write arbitrary files to any location where the server process has write permissions. This is achiev...

9.1CVSS5.9AI score0.00386EPSS
Exploits0References14
Rows per page
Query Builder