CVE-2026-7302

CRITICAL9.1EPSS 0.10%

SGLang's multimodal generation runtime has an unauthenticated path traversal vulnerability

發布日:2026/5/18修改日:2026/5/29

描述

SGLang's multimodal generation runtime is vulnerable to an unauthenticated path traversal vulnerability, allowing an attacker to write arbitrary files anywhere the server process has write access, by including ../ sequences in the upload filename when sent to specific endpoints.

受影響套件(1)

PyPI/sglang>= 0.5.5, <= 0.5.12

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	CRITICAL9.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

參考連結(4)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2026-7302
PATCHhttps://github.com/sgl-project/sglang
WEBhttps://antiproof.ai/blog/three-rces-in-sglang
WEBhttps://github.com/sgl-project/sglang/tree/main/python/sglang