SGLang's multimodal generation runtime has an unauthenticated path traversal vulnerability
Critical severity
GitHub Reviewed
Published
May 18, 2026
to the GitHub Advisory Database
•
Updated May 29, 2026
Description
Published by the National Vulnerability Database
May 18, 2026
Published to the GitHub Advisory Database
May 18, 2026
Last updated
May 29, 2026
Reviewed
May 29, 2026
SGLang's multimodal generation runtime is vulnerable to an unauthenticated path traversal vulnerability, allowing an attacker to write arbitrary files anywhere the server process has write access, by including ../ sequences in the upload filename when sent to specific endpoints.
References