Part of Lyceum Intelligence — deep-research In Focus reports → · Lyceum Corpus — ask the documents →

Full-text search across 381 articles. Typo-tolerant.

Lyceum News Desk ·

CVE-2026-7302 -- CVSS 9.1 Vulnerability Briefing

CVE-2026-7302 | CVSS 9.1 (Critical) | Exploit: No known exploit

What Is It

CVE-2026-7302 is an unauthenticated path traversal vulnerability in Lmsys SGLang's multimodal generation runtime, allowing remote attackers to write arbitrary files to any location accessible by the server process.

Technical Detail

The flaw exists in SGLang's multimodal generation runtime, where insufficient validation of user-supplied file path parameters permits an unauthenticated attacker to traverse directory boundaries and write attacker-controlled content to arbitrary filesystem locations. Because no authentication is required to trigger the vulnerable endpoint, the attack surface is exposed to any network-reachable client. Successful exploitation could result in remote code execution by overwriting executable files, configuration files, or injecting web shells, depending on the server process's write permissions and deployment context.

Exploitation Status

No known exploit has been publicly documented or observed at this time. The vulnerability is not listed in CISA's Known Exploited Vulnerabilities catalog. Despite the absence of confirmed exploitation, the unauthenticated nature of the flaw and its critical CVSS score of 9.1 indicate a low barrier to exploitation once a working method is developed.

Who Is Targeting This

No specific threat actor attribution at this time. Neither confirmed nor reported threat actor activity has been associated with this vulnerability. No targeted sectors or active campaigns have been identified in connection with CVE-2026-7302.

What To Do

Apply any available patches or updated releases from Lmsys for the SGLang package immediately, prioritizing internet-facing or multi-tenant deployments. If a patch is not yet available, restrict network access to the SGLang runtime endpoint using firewall rules or reverse proxy controls, limiting exposure to trusted internal clients only. Audit the filesystem permissions of the account running the SGLang server process and apply the principle of least privilege to reduce the impact of any successful write operation. Monitor server logs for anomalous file write activity or unexpected modifications to configuration and executable paths as a detection signal. Revisit patch status frequently given the critical severity rating.

In Focus
All analysis →

Deep-research intelligence reports from Lyceum Intelligence — structured assessments with sourced claims and calibrated conclusions.

Browse Intelligence Reports →