CVEFinder.io

CVE-2026-3059

⛔ critical
🔍 Scan for this CVE
Summary

SGLang's multimodal generation module is vulnerable to unauthenticated remote code execution through the ZMQ broker, which deserializes untrusted data using pickle.loads() without authentication.

CVSS Score
9.8
Critical
EPSS Score
1.3
Exploit Probability
Published Date
2026-03-12
First Seen: 2026-03-13
📊 Relative Risk Intelligence

This CVE is Very High Risk - more severe than 90.4% of all 321,566 vulnerabilities in our database.

#30,777
Top 10% most severe
Severity Percentile
🎯 CISA SSVC Assessment Updated: Mar 12, 2026
🔍 Exploitation Status
Poc
Proof-of-concept available
⚙️ Automatable
YES
Can be exploited automatically
💥 Technical Impact
Total
Complete system compromise possible
SSVC data provided by CISA
Last Modified 2026-04-07
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE IDs (Weakness Types)
CWE-502

📦 Affected Products 1

Vendor Product Status Affected Versions
lmsys sglang Affected
> 0.5.5 < 0.5.9

🔗 References 5

https://github.com/sgl-project/sglang/blob/main/pyth...
Product
https://github.com/sgl-project/sglang/pull/20904
https://github.com/sgl-project/sglang/releases/tag/v...
https://github.com/sgl-project/sglang/security/advis...
Broken Link
https://orca.security/resources/blog/sglang-llm-fram...
Exploit Mitigation Third Party Advisory

🔗 Related CVEs 5

CVE ID Severity CVSS EPSS Summary Published
CVE-2026-7301 ⛔ critical 9.8 0.1 SGLangs multimodal generation runtime scheduler's ROUTER socket binds to 0.0.0.0 by default and contains a sink that cal... 2026-05-18
CVE-2026-7302 ⛔ critical 9.1 0.1 SGLangs multimodal generation runtime is vulnerable to an unauthenticated path traversal vulnerability, allowing an atta... 2026-05-18
CVE-2026-7304 ⛔ critical 9.8 0.3 SGLangs multimodal generation runtime is vulnerable to unauthenticated remote code execution when the --enable-custom-lo... 2026-05-18
CVE-2026-3060 ⛔ critical 9.8 1.3 SGLang' encoder parallel disaggregation system is vulnerable to unauthenticated remote code execution through the disagg... 2026-03-12
CVE-2025-10164 ⚠️ high 7.3 0.0 A security flaw has been discovered in lmsys sglang 0.4.6. Affected by this vulnerability is the function main of the fi... 2025-09-09
These CVEs affect the same products