Security Advisory

CVE-2026-3059

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-12 11:37:25

Last updated 2026-04-07 18:46:03

Assigner certcc

State PUBLISHED

Description

SGLangs multimodal generation module is vulnerable to unauthenticated remote code execution through the ZMQ broker, which deserializes untrusted data using pickle.loads() without authentication.

← Browse all CVEs View on cve.org ↗