Insecure Deserialization Flaw in SGLang's Python Script
CVE-2026-3989
7.8 HIGH
What is CVE-2026-3989?
SGLang's replay_request_dump.py script calls pickle.load() on a .pkl request-dump file without validating or otherwise securing the deserialization step. Because unpickling can instantiate arbitrary classes and invoke their reconstruction callables, a crafted .pkl file processed by the vulnerable script can lead to execution of unauthorized code on the host machine. Users of this script should be aware of the risk and apply appropriate mitigations (such as only replaying dumps from trusted sources, or restricting which objects the unpickler may resolve) to protect against exploitation.
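The following is an added example, not code from SGLang or from the advisory, showing the defensive pattern the description points at: inspecting a .pkl file's opcode stream for global references without executing it, and loading it through an unpickler that only resolves an explicit allow-list. The allow-list contents, the dump layout and the helper names are assumptions for illustration; the real script's data model may need further (still inert) types on the list.

```python
"""Added example (not SGLang code): loading a request-dump .pkl file without
handing pickle an open door to arbitrary code execution.

Two complementary defences:
  1. inspect_globals(): walk the opcode stream with pickletools and report
     every GLOBAL / STACK_GLOBAL reference *without* loading the file.
  2. RestrictedUnpickler: resolve only globals on an explicit allow-list,
     so a dump referencing anything else is refused before it is built.
"""
import datetime
import io
import pickle
import pickletools

# Assumption: a legitimate request dump contains only plain data plus these
# container types. Anything else is treated as suspicious.
SAFE_GLOBALS = {
    ("builtins", "set"),
    ("builtins", "frozenset"),
    ("builtins", "bytearray"),
}


def inspect_globals(data: bytes) -> list:
    """Return (module, name) pairs the pickle references, without loading it.

    pickletools.genops only parses opcodes; nothing is imported or called.
    STACK_GLOBAL (protocol 4+) takes module and name from the two preceding
    string opcodes, hence the small look-behind buffer. Best effort only: a
    name fetched back from the memo (BINGET) is not resolved here, so the
    RestrictedUnpickler below remains the enforcement point.
    """
    refs = []
    recent = []  # arguments of the last two string-producing opcodes
    for op, arg, _pos in pickletools.genops(data):
        if op.name == "GLOBAL":
            module, name = arg.split(" ", 1)  # arg is "module name"
            refs.append((module, name))
        elif op.name == "STACK_GLOBAL":
            if len(recent) >= 2:
                refs.append((recent[-2], recent[-1]))
        elif op.name in ("SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE"):
            recent.append(arg)
            recent = recent[-2:]
    return refs


def is_dump_safe(data: bytes) -> bool:
    """Static pre-check: every referenced global must be on the allow-list."""
    return all(ref in SAFE_GLOBALS for ref in inspect_globals(data))


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that refuses to resolve any global outside SAFE_GLOBALS."""

    def find_class(self, module, name):
        if (module, name) in SAFE_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(
            f"refusing to resolve global {module}.{name} from request dump")


def load_request_dump(data: bytes):
    """Load a dump that may contain only plain data and allow-listed types."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def dump_is_refused(data: bytes) -> bool:
    """True if the restricted loader rejects the dump, False if it loads."""
    try:
        load_request_dump(data)
    except pickle.UnpicklingError:
        return True
    return False


# Constructed sample: the benign shape a request dump is assumed to have.
BENIGN_DUMP = pickle.dumps({"rid": "req-1", "prompt": "hello", "max_tokens": 8})

# Constructed sample: a dump that references a global outside the allow-list.
# datetime.date is inert; it stands in for any class a dump should not import.
SUSPICIOUS_DUMP = pickle.dumps(datetime.date(2026, 1, 1))


if __name__ == "__main__":
    for label, dump in (("benign", BENIGN_DUMP), ("suspicious", SUSPICIOUS_DUMP)):
        print(label, "globals:", inspect_globals(dump),
              "safe:", is_dump_safe(dump), "refused:", dump_is_refused(dump))
```

Design note: the opcode scan is a useful triage step (it can run on a quarantined file or in a log pipeline), but only find_class() actually gates what the unpickler may construct, so the two should be used together rather than the scan alone. An allow-list that excludes every module other than a handful of builtins leaves no path for the reconstruction callables a hostile dump relies on.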
Affected Version(s)
SGLang 0.5.10
