{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72670?format=json","vulnerability_id":"VCID-4a86-u5fj-8ueh","summary":"SGLang's multimodal generation runtime scheduler's ROUTER socket binds to 0.0.0.0 by default and contains a sink that calls pickle.loads() on incoming messages, enabling remote code execution (RCE) when the socket is exposed to the internet.","aliases":[{"alias":"CVE-2026-7301"},{"alias":"GHSA-gwv6-pq6m-p3rq"}],"fixed_packages":[],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40871?format=json","purl":"pkg:pypi/sglang@0.5.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a86-u5fj-8ueh"},{"vulnerability":"VCID-fc66-wdy3-7ken"},{"vulnerability":"VCID-rvzj-qkg3-6ffm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/sglang@0.5.12"},{"url":"http://public2.vulnerablecode.io/api/packages/40872?format=json","purl":"pkg:pypi/sglang@0.5.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a86-u5fj-8ueh"},{"vulnerability":"VCID-rvzj-qkg3-6ffm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/sglang@0.5.5"}],"references":[{"reference_url":"https://antiproof.ai/blog/three-rces-in-sglang","reference_id":"","reference_type":"","scores":[],"url":"https://antiproof.ai/blog/three-rces-in-sglang"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7301","reference_id":"CVE-2026-7301","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7301"},{"reference_url":"https://github.com/advisories/GHSA-gwv6-pq6m-p3rq","reference_id":"GHSA-gwv6-pq6m-p3rq","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gwv6-pq6m-p3rq"},{"reference_url":"https://github.com/sgl-project/sglang/tree/main/python/sglang","reference_id":"sglang","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-18T14:06:17Z/"}],"url":"https://github.com/sgl-project/sglang/tree/main/python/sglang"},{"reference_url":"https://antiproof.ai/blog/three-rces-in-sglang/","reference_id":"three-rces-in-sglang","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-18T14:06:17Z/"}],"url":"https://antiproof.ai/blog/three-rces-in-sglang/"}],"weaknesses":[{"cwe_id":502,"name":"Deserialization of Untrusted Data","description":"The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid."}],"exploits":[],"severity_range_score":"9.0 - 10.0","exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4a86-u5fj-8ueh"}