9.8
SGLang: Untrusted Data Can Execute Malicious Code Remotely
CVE-2026-3060
GHSA-jx93-g359-86wm
Summary
SGLang's disaggregation module allows untrusted data to be executed as code, potentially leading to unauthorized access and malicious actions. This vulnerability can be exploited by an attacker without needing to log in, allowing them to execute arbitrary code on the system. To protect against this, update to the latest version of SGLang or implement authentication for the disaggregation module.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | sglang | <= 0.5.9 | – |
Original title
SGLang's encoder parallel disaggregation system is vulnerable to unauthenticated remote code execution through the disaggregation module
Original description
SGLang's encoder parallel disaggregation system is vulnerable to unauthenticated remote code execution through the disaggregation module, which deserializes untrusted data using pickle.loads() without authentication.
Vulnerability type
CWE-502
Deserialization of Untrusted Data
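As an added illustration, not code from SGLang, the defensive pattern the summary calls for: authenticate each message before deserializing it, and even then unpickle with a loader that refuses to resolve class or callable references. The shared key, the tag-plus-payload message format and the sample request are assumptions made for this example.

```python
import collections
import hashlib
import hmac
import io
import pickle

SHARED_KEY = b"example-key-not-for-production"  # constructed; provision a real one out of band

# (module, name) pairs the unpickler may resolve; empty means "plain data only".
ALLOWED_GLOBALS: set = set()


class RestrictedUnpickler(pickle.Unpickler):
    """pickle.Unpickler that refuses every global not on the allowlist."""

    def find_class(self, module, name):
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"global {module}.{name} is not allowed")


def sign(payload: bytes, key: bytes = SHARED_KEY) -> bytes:
    """Prefix payload with a 32-byte HMAC-SHA256 tag the receiver can check."""
    return hmac.new(key, payload, hashlib.sha256).digest() + payload


def verify_and_load(message: bytes, key: bytes = SHARED_KEY):
    """Authenticate, then deserialize with the restricted unpickler.
    ValueError: bad or missing tag. UnpicklingError: payload references a global."""
    tag, payload = message[:32], message[32:]
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    if len(tag) != 32 or not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return RestrictedUnpickler(io.BytesIO(payload)).load()


def try_load(message: bytes) -> str:
    # Returns "ok" or the exception class name, for the checks below.
    try:
        verify_and_load(message)
        return "ok"
    except (ValueError, pickle.UnpicklingError) as exc:
        return type(exc).__name__


# Constructed samples: plain data; the same bytes with no tag, as the vulnerable
# pickle.loads() path would accept them; and a payload carrying a class reference.
SAMPLE_REQUEST = {"req_id": "constructed-001", "embedding": [0.1, 0.2, 0.3]}
SIGNED_MESSAGE = sign(pickle.dumps(SAMPLE_REQUEST))
UNAUTHENTICATED_MESSAGE = pickle.dumps(SAMPLE_REQUEST)
CLASS_REF_MESSAGE = sign(pickle.dumps(collections.OrderedDict()))
```

Plain containers and scalars need no global lookup, so the empty allowlist still round-trips ordinary request data while any class reference, benign or not, is rejected before it is resolved.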
References
- https://github.com/sgl-project/sglang/blob/main/python/sglang/srt/disaggregation...
- https://orca.security/resources/blog/sglang-llm-framework-rce-vulnerabilities/
- https://nvd.nist.gov/vuln/detail/CVE-2026-3060
- https://orca.security/resources/blog/sglang-llm-framework-rce-vulnerabilities
- https://github.com/advisories/GHSA-jx93-g359-86wm
Published: 12 Mar 2026 · Updated: 14 Mar 2026 · First seen: 12 Mar 2026