By vendor
Lmsys vulnerabilities
Known CVEs affecting Lmsys products, prioritized by severity, with SEC.co remediation and detection guidance.
1 published vulnerability
- CVE-2026-10775LOW 3.6
CVE-2026-10775 is a denial-of-service vulnerability in SGLang's cache handling mechanism. An attacker with local system access and user-level privileges can trigger a crash or service interruption by exploiting the data_hash function in the cache handler. The attack requires specific knowledge of the system's cache internals, making it moderately difficult to execute, though proof-of-concept code has been publicly disclosed.