Lucene search
+L

6 matches found

redhatcve
redhatcve
added 2026/06/05 7:50 p.m.10 views

CVE-2026-7301

SGLangs multimodal generation runtime scheduler's ROUTER socket binds to 0.0.0.0 by default and contains a sink that calls pickle.loads on incoming messages, enabling RCE when exposed to the internet...

9.8CVSS5.5AI score0.00399EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:50 p.m.9 views

CVE-2026-7302

SGLangs multimodal generation runtime is vulnerable to an unauthenticated path traversal vulnerability, allowing an attacker to write arbitrary files anywhere the server process has write access, by including ../ sequences in the upload filename when sent to specific endpoints...

9.1CVSS5.6AI score0.00386EPSS
Exploits0References1
nvd
nvd
added 2026/05/18 12:16 p.m.12 views

CVE-2026-7304

SGLangs multimodal generation runtime is vulnerable to unauthenticated remote code execution when the --enable-custom-logit-processor option is enabled, as Python objects loaded via dill.loads will be deserialized without validation...

9.8CVSS0.00585EPSS
Exploits0References2
euvd
euvd
added 2026/05/18 10:39 a.m.11 views

EUVD-2026-30766

SGLangs multimodal generation runtime is vulnerable to unauthenticated remote code execution when the --enable-custom-logit-processor option is enabled, as Python objects loaded via dill.loads will be deserialized without validation...

9.8CVSS6.4AI score0.00585EPSS
Exploits0References2
cvelist
cvelist
added 2026/05/18 10:39 a.m.46 views

CVE-2026-7304 CVE-2026-7304

SGLangs multimodal generation runtime is vulnerable to unauthenticated remote code execution when the --enable-custom-logit-processor option is enabled, as Python objects loaded via dill.loads will be deserialized without validation...

0.00585EPSS
Exploits0References2
osv
osv
added 2026/05/18 10:39 a.m.4 views

CVE-2026-7302 CVE-2026-7302

SGLangs multimodal generation runtime is vulnerable to an unauthenticated path traversal vulnerability, allowing an attacker to write arbitrary files anywhere the server process has write access, by including ../ sequences in the upload filename when sent to specific endpoints...

9.1CVSS6AI score0.00386EPSS
Exploits0References4
Rows per page
Query Builder