Vulnerabilities3 min read
SGLang CVSS 9.8 Flaw Allows RCE via Malicious AI Model Files
Critical CVE-2026-5760 in SGLang enables unauthenticated RCE through poisoned GGUF model files. Attackers can weaponize Hugging Face models to compromise inference servers.
Marcus ChenApr 26, 2026