CVE-2026-10775
sgl-project SGLang Cache data_hash denial of service
CVSS Score
3.6
EPSS Score
0.0%
EPSS Percentile
2th
A vulnerability was determined in sgl-project SGLang up to 0.5.11. Affected by this vulnerability is the function data_hash of the component Cache Handler. This manipulation causes denial of service. The attack is restricted to local execution. A high degree of complexity is needed for the attack. The exploitation appears to be difficult. The exploit has been publicly disclosed and may be utilized. The pull request to fix this issue awaits acceptance.
| CWE | CWE-404 |
| Vendor | sgl-project |
| Product | sglang |
| Published | Jun 3, 2026 |
| Last Updated | Jun 4, 2026 |
Stay Ahead of the Next One
Get instant alerts for sgl-project sglang
Be the first to know when new low vulnerabilities affecting sgl-project sglang are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Affected Versions
sgl-project / SGLang
0.5.0 0.5.1 0.5.2 0.5.3 0.5.4 0.5.5 0.5.6 0.5.7 0.5.8 0.5.9 0.5.10 0.5.11
References
vuldb.com: https://vuldb.com/vuln/368138 vuldb.com: https://vuldb.com/vuln/368138/cti vuldb.com: https://vuldb.com/cve/CVE-2026-10775 vuldb.com: https://vuldb.com/submit/831438 github.com: https://github.com/sgl-project/sglang/issues/25462 github.com: https://github.com/sgl-project/sglang/pull/22033 github.com: https://github.com/sgl-project/sglang/
Credits
๐ Dem0 (VulDB User) VulDB CNA Team