CVE Catalog

CVE-2026-7301

Critical
Published: Translated: NVD NIST

Summary

By default, the ROUTER socket in the SGLangs multimodal generation runtime scheduler binds to 0.0.0.0 and contains a sink that calls pickle.loads() on incoming messages, enabling remote code execution (RCE) when exposed to the internet.

Risk Assessment

Exposing the socket to the internet poses a serious risk of remote code execution, which could lead to unauthorized control over the system.

Recommendation

It is recommended to restrict the socket binding to a local IP address and avoid using pickle.loads() on untrusted data.

Original NVD description (English source)

SGLangs multimodal generation runtime scheduler's ROUTER socket binds to 0.0.0.0 by default and contains a sink that calls pickle.loads() on incoming messages, enabling RCE when exposed to the internet.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS