Security Advisory

CVE-2026-3060

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-12 11:37:37

Last updated 2026-04-07 18:45:35

Assigner certcc

State PUBLISHED

Description

SGLang encoder parallel disaggregation system is vulnerable to unauthenticated remote code execution through the disaggregation module, which deserializes untrusted data using pickle.loads() without authentication.

← Browse all CVEs View on cve.org ↗