SGLang's multimodal generation module is vulnerable to unauthenticated remote code execution through the ZMQ broker, which deserializes untrusted data using pickle.loads() without authentication.
https://kb.cert.org/vuls/id/777338
https://thehackernews.com/2026/03/ai-flaws-in-amazon-bedrock-langsmith.html