Platform: python
Component: sglang
Fixed in: 0.5.11, 0.5.10
CVE-2026-3059 is a critical Remote Code Execution (RCE) vulnerability discovered in SGLang, a Python library for multimodal generation. This vulnerability allows an unauthenticated attacker to execute arbitrary code on a system by exploiting insecure deserialization within the multimodal generation module. The vulnerability impacts versions of SGLang up to 0.5.9, and a patch is available in version 0.5.10.
The impact of CVE-2026-3059 is severe. An attacker can exploit this vulnerability to gain complete control over the affected system. This control can be achieved by sending a malicious payload through the ZMQ broker, which is then deserialized without authentication. Successful exploitation allows for arbitrary code execution, enabling attackers to install malware, steal sensitive data, modify system configurations, or pivot to other systems on the network. The lack of authentication makes this vulnerability particularly concerning, as it can be exploited remotely without any prior credentials.
CVE-2026-3059 was publicly disclosed on 2026-03-12. The vulnerability's reliance on pickle deserialization echoes patterns seen in other RCE vulnerabilities, such as those affecting Python-based applications. The EPSS score is likely to be high due to the ease of exploitation and the critical nature of the impact. No public proof-of-concept (PoC) has been observed at the time of writing, but the vulnerability's simplicity suggests that a PoC is likely to emerge.
Exploit Status
EPSS: 1.17% (79th percentile)
CVSS Vector
The primary mitigation for CVE-2026-3059 is to upgrade SGLang to version 0.5.10 or later, which includes the fix for this vulnerability. If upgrading is not immediately feasible, consider implementing temporary workarounds. Restrict access to the ZMQ broker to trusted sources only. Implement input validation and sanitization to prevent malicious payloads from being processed. Monitor ZMQ traffic for suspicious activity. After upgrading, confirm the fix by attempting to trigger the vulnerable deserialization process with a known malicious payload – it should now be rejected.
Update to a patched version of SGLang that implements authentication before deserializing untrusted data with pickle.loads(). Review the code to avoid deserializing untrusted data and consider using safer serialization formats.
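The advisory's root cause is pickle.loads() on bytes that arrive over the broker without authentication: a pickle stream can name any importable callable and have the unpickler invoke it, so "validate the payload" is only meaningful if the unpickler itself refuses to resolve names. The following is an added illustration of that defensive pattern and of the safer-format alternative; it is not SGLang code and makes no claim about how the project's own patch is implemented. The names RestrictedUnpickler, safe_loads, classify and the sample messages are constructed for this example.

```python
"""Hardened deserialization: refuse any pickle that references a global.

Added example for this advisory, not code from the SGLang project. The class
and function names here are hypothetical; the sample messages are constructed.
"""
import collections
import io
import json
import pickle


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler whose find_class() always raises.

    Every GLOBAL / STACK_GLOBAL opcode in a pickle stream goes through
    find_class(). Refusing all of them means only built-in scalars and
    containers (dict, list, tuple, str, int, bytes, ...) can be rebuilt, so a
    stream cannot reach any importable callable, whatever module it names.
    """

    def find_class(self, module, name):
        raise pickle.UnpicklingError(
            f"global {module}.{name} is forbidden in untrusted pickle data"
        )


def safe_loads(data: bytes):
    """Deserialize data with the restricted unpickler.

    Raises pickle.UnpicklingError for any stream that references a global.
    """
    return RestrictedUnpickler(io.BytesIO(data)).load()


def classify(data: bytes) -> str:
    """Return 'accepted' or 'rejected' for one broker message (detection view)."""
    try:
        safe_loads(data)
        return "accepted"
    except pickle.UnpicklingError:
        return "rejected"


def to_json_message(obj) -> bytes:
    """Preferred path: a data-only format that cannot name code at all."""
    return json.dumps(obj).encode()


def from_json_message(data: bytes):
    return json.loads(data.decode())


# --- constructed sample messages -------------------------------------------
# A plain request as a broker might carry it: built-in types only.
BENIGN_MESSAGE = pickle.dumps(
    {"rid": "req-1", "text": "hello", "image_ids": [1, 2]}
)

# A stream that references a module-level global. The referenced object here
# is harmless (collections.OrderedDict); the point is that *any* global
# reference is rejected, so there is no gadget list to keep up to date.
GLOBAL_MESSAGE = pickle.dumps(collections.OrderedDict(a=1))


if __name__ == "__main__":
    print("benign :", classify(BENIGN_MESSAGE))   # accepted
    print("global :", classify(GLOBAL_MESSAGE))   # rejected
    print("json   :", from_json_message(to_json_message({"rid": "req-2"})))
```

Two caveats for anyone applying this pattern. First, it is a compensating control, not a replacement for the upgrade or for authenticating the broker endpoint: a restricted unpickler still parses attacker-controlled bytes, and the stream can still be abused for memory exhaustion. Second, multimodal payloads often carry objects that legitimately need a class (array and tensor types), which this all-or-nothing find_class() would reject; the next step there is an explicit allowlist of (module, name) pairs in find_class(), or moving to JSON for the structured part and a raw bytes frame for the binary part.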
CVE-2026-3059 is a critical RCE vulnerability in SGLang versions up to 0.5.9, allowing attackers to execute arbitrary code through insecure deserialization of data via the ZMQ broker.
You are affected if you are using SGLang version 0.5.9 or earlier. Check your installed version and upgrade immediately.
Upgrade SGLang to version 0.5.10 or later to resolve this vulnerability. If upgrading is not possible, restrict access to the ZMQ broker and implement input validation.
While no active exploitation has been confirmed, the vulnerability's simplicity suggests it is likely to be targeted, so immediate action is recommended.
Refer to the SGLang project's official repository and release notes for the advisory and detailed information on the fix.