Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

SGLang

Source -

CNA

BOS Name -

N/A

CNA CVEs -

4

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated ProductsRelated AssignersReports
4Vulnerabilities found
CVE-2026-5760
Assigner-CERT/CC
ShareView Details
Assigner-CERT/CC
CVSS Score-9.8||CRITICAL
EPSS-0.38% / 59.37%
||
7 Day CHG~0.00%
Published-20 Apr, 2026 | 13:46
Updated-20 Apr, 2026 | 19:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CVE-2026-5760

SGLang's reranking endpoint (/v1/rerank) achieves Remote Code Execution (RCE) when a model file containing a malcious tokenizer.chat_template is loaded, as the Jinja2 chat templates are rendered using an unsandboxed jinja2.Environment().

Action-Not Available
Vendor-SGLang
Product-SGLang
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2026-3989
Assigner-CERT/CC
ShareView Details
Assigner-CERT/CC
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.49%
||
7 Day CHG~0.00%
Published-12 Mar, 2026 | 11:37
Updated-07 Apr, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CVE-2026-3989

SGLangs `replay_request_dump.py` contains an insecure pickle.load() without validation and proper deserialization. An attacker can take advantage of this by providing a malicious .pkl file, which will execute the attackers code on the device running the script.

Action-Not Available
Vendor-SGLang
Product-SGLang
CVE-2026-3060
Assigner-CERT/CC
ShareView Details
Assigner-CERT/CC
CVSS Score-9.8||CRITICAL
EPSS-1.84% / 83.03%
||
7 Day CHG+0.48%
Published-12 Mar, 2026 | 11:37
Updated-07 Apr, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CVE-2026-3060

SGLang' encoder parallel disaggregation system is vulnerable to unauthenticated remote code execution through the disaggregation module, which deserializes untrusted data using pickle.loads() without authentication.

Action-Not Available
Vendor-lmsysSGLang
Product-sglangSGLang
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-3059
Assigner-CERT/CC
ShareView Details
Assigner-CERT/CC
CVSS Score-9.8||CRITICAL
EPSS-1.84% / 83.03%
||
7 Day CHG+0.48%
Published-12 Mar, 2026 | 11:37
Updated-07 Apr, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CVE-2026-3059

SGLang's multimodal generation module is vulnerable to unauthenticated remote code execution through the ZMQ broker, which deserializes untrusted data using pickle.loads() without authentication.

Action-Not Available
Vendor-lmsysSGLang
Product-sglangSGLang
CWE ID-CWE-502
Deserialization of Untrusted Data