CVE 9.8 CRITICAL

CVE-2026-7304_CVE-2026-7304

May 18, 2026 invoker category_cve

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

SGLangs multimodal generation runtime is vulnerable to unauthenticated remote code execution when the --enable-custom-logit-processor option is enabled, as Python objects loaded via dill.loads() will be deserialized without validation.

AI Analysis

Unauthenticated remote code execution vulnerability in SGLang multimodal generation runtime

Basic Information

ID CVE-2026-7304

Source certcc

Published May 18, 2026 at 10:39

Modified May 18, 2026 at 14:04

Affected Product

Vendor SGLang

Product SGLang

Version 5.10

Affected Versions SGLang SGLang 5.10

CWE Classification

CWE-502

AI Assessment

AI Score 9.8 / 10

AI Severity Critical

Vendor SGLang

Product SGLang multimodal generation runtime

Version 5.10

References

{
    "lastseen": "",
    "description": "SGLangs multimodal generation runtime is vulnerable to unauthenticated remote code execution when the --enable-custom-logit-processor option is enabled, as Python objects loaded via dill.loads() will be deserialized without validation.",
    "published": "2026-05-18T10:39:52.696Z",
    "modified": "2026-05-18T14:04:23.864Z",
    "type": "cve",
    "title": "CVE-2026-7304",
    "source": "certcc",
    "references": "https://github.com/sgl-project/sglang/tree/main/python/sglang\nhttps://antiproof.ai/blog/three-rces-in-sglang/",
    "id": "CVE-2026-7304",
    "bulletinFamily": "",
    "cwe": [
        "CWE-502"
    ],
    "cvelist": null,
    "sourceData": "SGLang SGLang 5.10",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "SGLang",
    "version": "5.10",
    "vendor": "SGLang",
    "ai_description": "Unauthenticated remote code execution vulnerability in SGLang multimodal generation runtime",
    "ai_severity": "Critical",
    "ai_vendor": "SGLang",
    "ai_product": "SGLang multimodal generation runtime",
    "ai_version": "5.10",
    "ai_score": 9.8
}

💭 Join the Security Discussion ❌ Cancel Reply