Every CVE whose affected-product data names Lmsys Sglang, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2026-5760 — CVSS 9.8 (critical): SGLang's reranking endpoint (/v1/rerank) achieves Remote Code Execution (RCE) when a model file containing a malcious…
CVE-2026-3059 — CVSS 9.8 (critical): SGLang's multimodal generation module is vulnerable to unauthenticated remote code execution through the ZMQ broker, which deserializes…
CVE-2026-3060 — CVSS 9.8 (critical): SGLang' encoder parallel disaggregation system is vulnerable to unauthenticated remote code execution through the disaggregation module…
CVE-2026-7301 — CVSS 9.8 (critical): SGLangs multimodal generation runtime scheduler's ROUTER socket binds to 0.0.0.0 by default and contains a sink that calls pickle.loads()…
CVE-2026-7304 — CVSS 9.8 (critical): SGLangs multimodal generation runtime is vulnerable to unauthenticated remote code execution when the --enable-custom-logit-processor…
CVE-2026-7302 — CVSS 9.1 (critical): SGLangs multimodal generation runtime is vulnerable to an unauthenticated path traversal vulnerability, allowing an attacker to write…
CVE-2026-10775 — CVSS 3.6 (low): A vulnerability was determined in sgl-project SGLang up to 0.5.11. Affected by this vulnerability is the function data_hash of the…