Description
A security vulnerability has been detected in SGLang 0.5.10.post1. Impacted is an unknown function of the file python/sglang/srt/lora/lora_manager.py of the component Inference HTTP Endpoint. Such manipulation of the argument lora_path leads to reachable assertion. The attack can be launched remotely. A high complexity level is associated with this attack. The exploitability is considered difficult. The exploit has been disclosed publicly and may be used. The pull request to fix this issue awaits acceptance.
Published: 2026-06-01
Score: 6.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is present in SGLang’s Inference HTTP Endpoint, where manipulating the lora_path argument in python/sglang/srt/lora/lora_manager.py triggers a reachable assertion. The assertion failure causes the process to terminate, resulting in a denial of service. Classified as CWE-617, the flaw reveals a lack of proper boundary checking on a remotely controllable parameter, and the impact is a loss of availability for any clients depending on the inference API.

Affected Systems

SGLang version 0.5.10.post1 is the only explicitly listed affected release. No other versions or vendors are mentioned in the CVE description. Users running this exact version are at risk until a patch is applied.

Risk and Exploitability

The CVSS score of 6.3 indicates moderate severity, while EPSS data is unavailable, and the vulnerability is not listed in CISA KEV. It can be exploited remotely with high complexity and is considered difficult to exploit, but the public disclosure and pending patch suggest that attackers could craft a malicious lora_path request to trigger the assertion and crash the endpoint. Exploitation requires no special conditions beyond sending a crafted request to the exposed inference API.

Generated by OpenCVE AI on June 2, 2026 at 00:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest SGLang release once the pending pull request (PR #25078) is merged, or upgrade to a version that contains the fix.
  • Restrict external access to the Inference HTTP Endpoint using firewall rules or authentication so that only trusted clients can send lora_path requests.
  • Add defensive input validation to reject malformed or excessively long lora_path values before they reach the assertion, so that a bad request is answered with a client error instead of terminating the process.
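The validation pattern the last recommendation describes, as an added example that is not SGLang's code and does not reflect the internals of lora_manager.py: a hypothetical request path that asserts directly on the client-supplied lora_path (the CWE-617 shape the record describes) beside a hardened variant that validates the value first and maps failures to a client error. The adapter registry, length limit, character allow-list and function names are assumptions chosen for illustration.

```python
# Added example (not SGLang's code): validate a remotely supplied lora_path
# before it reaches any internal assertion. LOADED_ADAPTERS, the length limit,
# the allow-list and all function names are hypothetical.
import re

# Constructed set of adapter names the server is assumed to have loaded.
LOADED_ADAPTERS = {"adapter-a", "adapter-b"}

MAX_LORA_PATH_LEN = 256
# Conservative allow-list: letters, digits, dot, dash, underscore, slash.
LORA_PATH_RE = re.compile(r"^[A-Za-z0-9._/-]+$")


class ClientError(Exception):
    """A bad request: maps to an HTTP 4xx response, not a process crash."""

    def __init__(self, message, status=400):
        super().__init__(message)
        self.status = status


def vulnerable_resolve_adapter(lora_path):
    """CWE-617 pattern: asserts directly on a client-controlled value.

    An unknown or malformed lora_path raises AssertionError; if nothing above
    the handler catches it, the serving process terminates (denial of service).
    """
    assert lora_path in LOADED_ADAPTERS, f"unknown adapter {lora_path!r}"
    return lora_path


def validate_lora_path(lora_path):
    """Return a validated adapter name (or None) or raise ClientError."""
    if lora_path is None:
        return None  # a request without an adapter is valid
    if not isinstance(lora_path, str):
        raise ClientError("lora_path must be a string")
    if len(lora_path) == 0 or len(lora_path) > MAX_LORA_PATH_LEN:
        raise ClientError("lora_path has invalid length")
    if not LORA_PATH_RE.fullmatch(lora_path):
        raise ClientError("lora_path contains disallowed characters")
    if lora_path.startswith("/") or ".." in lora_path.split("/"):
        raise ClientError("lora_path must be a relative adapter name")
    if lora_path not in LOADED_ADAPTERS:
        raise ClientError("unknown adapter", status=404)
    return lora_path


def hardened_resolve_adapter(lora_path):
    """Validate first; the remaining assertion is an internal invariant only."""
    name = validate_lora_path(lora_path)
    if name is not None:
        assert name in LOADED_ADAPTERS  # no longer reachable from client input
    return name


def handle_request(body, resolver):
    """Minimal handler returning (status, payload) so 4xx vs. crash is visible.

    AssertionError is deliberately not caught here: with the vulnerable
    resolver it escapes the handler, which is the availability impact.
    """
    try:
        adapter = resolver(body.get("lora_path"))
        return 200, {"adapter": adapter}
    except ClientError as e:
        return e.status, {"error": str(e)}


if __name__ == "__main__":
    print(handle_request({"lora_path": "adapter-a"}, hardened_resolve_adapter))
    print(handle_request({"lora_path": "x" * 300}, hardened_resolve_adapter))
    print(handle_request({"lora_path": "not-loaded"}, hardened_resolve_adapter))
```

The hardened path keeps the assertion as a developer invariant but makes it unreachable from request data; the reject-or-404 decision happens in ordinary control flow, so a crafted lora_path costs the server one 4xx response rather than its availability.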

Generated by OpenCVE AI on June 2, 2026 at 00:20 UTC.

Advisories

No advisories yet.

History

Tue, 02 Jun 2026 13:30:00 +0000

Type: Metrics
Values Removed: (none)
Values Added: ssvc
  {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 02 Jun 2026 08:00:00 +0000

Type: First Time appeared
Values Removed: (none)
Values Added: Sgl-project; Sgl-project sglang

Type: Vendors & Products
Values Removed: (none)
Values Added: Sgl-project; Sgl-project sglang

Mon, 01 Jun 2026 23:15:00 +0000

Type: Description
Values Removed: (none)
Values Added: A security vulnerability has been detected in SGLang 0.5.10.post1. Impacted is an unknown function of the file python/sglang/srt/lora/lora_manager.py of the component Inference HTTP Endpoint. Such manipulation of the argument lora_path leads to reachable assertion. The attack can be launched remotely. A high complexity level is associated with this attack. The exploitability is considered difficult. The exploit has been disclosed publicly and may be used. The pull request to fix this issue awaits acceptance.

Type: Title
Values Removed: (none)
Values Added: SGLang Inference HTTP Endpoint lora_manager.py assertion

Type: First Time appeared
Values Removed: (none)
Values Added: Sglang; Sglang sglang

Type: Weaknesses
Values Removed: (none)
Values Added: CWE-617

Type: CPEs
Values Removed: (none)
Values Added: cpe:2.3:a:sglang:sglang:*:*:*:*:*:*:*:*

Type: Vendors & Products
Values Removed: (none)
Values Added: Sglang; Sglang sglang

Type: References
Values Removed: (none)
Values Added: (none)

Type: Metrics
Values Removed: (none)
Values Added:
  cvssV2_0
  {'score': 2.6, 'vector': 'AV:N/AC:H/Au:N/C:N/I:N/A:P/E:POC/RL:ND/RC:UR'}

  cvssV3_0
  {'score': 3.7, 'vector': 'CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R'}

  cvssV3_1
  {'score': 3.7, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R'}

  cvssV4_0
  {'score': 6.3, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-06-02T12:29:48.421Z

Reserved: 2026-05-31T18:11:11.981Z

Link: CVE-2026-10300

Vulnrichment

Updated: 2026-06-02T12:29:42.150Z

NVD

Status: Deferred

Published: 2026-06-01T23:16:19.170

Modified: 2026-06-02T13:03:31.153

Link: CVE-2026-10300

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-02T08:00:04Z

Weaknesses