CVE 9.8 CRITICAL

CVE-2026-7301_CVE-2026-7301

May 18, 2026 invoker category_cve

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

SGLangs multimodal generation runtime scheduler's ROUTER socket binds to 0.0.0.0 by default and contains a sink that calls pickle.loads() on incoming messages, enabling RCE when exposed to the internet.

AI Analysis

Remote Code Execution (RCE) vulnerability in SGLang's ROUTER socket due to the use of pickle.loads() on incoming messages.

Basic Information

ID CVE-2026-7301

Source certcc

Published May 18, 2026 at 10:38

Modified May 18, 2026 at 14:06

Affected Product

Vendor SGLang

Product SGLang

Version 5.10

Affected Versions SGLang SGLang 5.10

CWE Classification

CWE-502

AI Assessment

AI Score 9.8 / 10

AI Severity Critical

Vendor SGLang

Product SGLang

Version 5.10

References

{
    "lastseen": "",
    "description": "SGLangs multimodal generation runtime scheduler's ROUTER socket binds to 0.0.0.0 by default and contains a sink that calls pickle.loads() on incoming messages, enabling RCE when exposed to the internet.",
    "published": "2026-05-18T10:38:56.493Z",
    "modified": "2026-05-18T14:06:20.513Z",
    "type": "cve",
    "title": "CVE-2026-7301",
    "source": "certcc",
    "references": "https://github.com/sgl-project/sglang/tree/main/python/sglang\nhttps://antiproof.ai/blog/three-rces-in-sglang/",
    "id": "CVE-2026-7301",
    "bulletinFamily": "",
    "cwe": [
        "CWE-502"
    ],
    "cvelist": null,
    "sourceData": "SGLang SGLang 5.10",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "SGLang",
    "version": "5.10",
    "vendor": "SGLang",
    "ai_description": "Remote Code Execution (RCE) vulnerability in SGLang's ROUTER socket due to the use of pickle.loads() on incoming messages.",
    "ai_severity": "Critical",
    "ai_vendor": "SGLang",
    "ai_product": "SGLang",
    "ai_version": "5.10",
    "ai_score": 9.8
}

💭 Join the Security Discussion ❌ Cancel Reply