sglang vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-7302Criticalsglang: SGLang's multimodal generation runtime has an unauthenticated path traversal vulnerabilityCVE-2026-7301Criticalsglang: SGLanG: Multimodal scheduler deserializes untrusted pickle data on 0.0.0.0 ROUTER socketCVE-2026-7304Criticalsglang: SGLang: Unauthenticated RCE via --enable-custom-logit-processorCVE-2026-7669Mediumsglang: SGLang has an Improper Input Validation/Injection IssueCVE-2026-3060Criticalsglang: SGLang's encoder parallel disaggregation system is vulnerable to unauthenticated remote code…CVE-2026-3989Highsglang: SGLangs `replay_request_dump.py` contains an insecure pickle.load() without validation and proper…CVE-2026-3059Criticalsglang: SGLang's multimodal generation module is vulnerable to unauthenticated remote code execution…CVE-2025-10164Mediumsglang: SGLang Remote Code Execution Vulnerability via Unsafe Deserialization in update_weights_from_tensor

Stop the waste.
Protect your environment with Kodem.