CVE-2026-10300 in SGLanginfo

Zusammenfassung

von MITRE • 02.06.2026

A security vulnerability has been detected in SGLang 0.5.10.post1. Impacted is an unknown function of the file python/sglang/srt/lora/lora_manager.py of the component Inference HTTP Endpoint. Such manipulation of the argument lora_path leads to reachable assertion. The attack can be launched remotely. A high complexity level is associated with this attack. The exploitability is considered difficult. The exploit has been disclosed publicly and may be used. The pull request to fix this issue awaits acceptance.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

VulDB

Veröffentlichung

02.06.2026

Moderieren

akzeptiert

Eintrag

VDB-367593

CPE

bereit

CWE

CWE-617 (bestätigt)

Exploit

Download

CVSS

3.7 (VulDB)

EPSS

0.00047

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-10300
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-10300
CVE Details	https://www.cvedetails.com/cve/CVE-2026-10300/

◂ Zurück Übersicht Weiter ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!