CVE-2026-10300 | SGLang 0.5.10.post1 Inference HTTP Endpoint lora_manager.py lora_path assertion (Issue 23141)

Inserito da Angelo Barbosa | Mag 31, 2026 | CVE

A vulnerability categorized as problematic has been discovered in SGLang 0.5.10.post1. Impacted is an unknown function of the file python/sglang/srt/lora/lora_manager.py of the component Inference HTTP Endpoint. Such manipulation of the argument lora_path leads to reachable assertion.

This vulnerability is uniquely identified as CVE-2026-10300. The attack can be launched remotely. Moreover, an exploit is present.

The pull request to fix this issue awaits acceptance.

CVE-2026-10300 | SGLang 0.5.10.post1 Inference HTTP Endpoint lora_manager.py lora_path assertion (Issue 23141)

Post correlati

CVE-2024-21729 | Joomla CMS up to 4.4.5/5.1.1 accessiblemedia cross site scripting

CVE-2023-38023 | Scontain SCONE up to 5.7.x on Intel SGX __scone_dispatch improper authorization (GHSA-v3vm-9h66-wm76)

CVE-2023-51700 | jamieblomerus WP-Mobile-BankID-Integration up to 1.0.0 on WordPress deserialization

CVE-2023-49147 | geek Software PDF24 Creator up to 11.15.1 MSI Installer Local Privilege Escalation