Critical severity9.8NVD Advisory· Published Mar 12, 2026· Updated Apr 7, 2026

CVE-2026-3059

Description

SGLang's multimodal generation module is vulnerable to unauthenticated remote code execution through the ZMQ broker, which deserializes untrusted data using pickle.loads() without authentication.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
sglangPyPI	< 0.5.10	0.5.10

Affected products

Lmsys/Sglang
cpe:2.3:a:lmsys:sglang:*:*:*:*:*:*:*:*
Range: >=0.5.5,<=0.5.9

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

orca.security/resources/blog/sglang-llm-framework-rce-vulnerabilities/nvdExploitMitigationThird Party Advisory
github.com/advisories/GHSA-rgq9-fqf5-fv58ghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2026-3059ghsaADVISORY
github.com/sgl-project/sglang/blob/main/python/sglang/multimodal_gen/runtime/scheduler_client.pynvdProductWEB
github.com/sgl-project/sglang/pull/20904nvdWEB
github.com/sgl-project/sglang/releases/tag/v0.5.10nvdWEB
github.com/sgl-project/sglang/security/advisories/GHSA-3cp7-c6q2-94xrnvdBroken LinkWEB
orca.security/resources/blog/sglang-llm-framework-rce-vulnerabilitiesghsaWEB

News mentions

⚡ Weekly Recap: Fast16 Malware, XChat Launch, Federal Backdoor, AI Employee Tracking & More
The Hacker News · Apr 27, 2026
Building the foundation for running extra-large language models
Cloudflare Blog · Apr 16, 2026

cvss	0.637
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000