Critical RCE vulnerability in SGLang (CVE-2026-3060)

⚠️ CVE references: CVE-2026-3059, CVE-2026-3060

Summary

A critical vulnerability in SGLang's deserialization of data allows attackers to execute arbitrary code. The vulnerability (CVE-2026-3060) affects the disaggregation module of the SGLang Encoder and must be patched urgently to protect systems from compromise.

SGLang, CRITICAL, CVE-2026-3060. The SGLang Encoder's disaggregation module is exposed to unauthenticated remote code execution. The cause is unsafe deserialization of untrusted data with `pickle.loads()`, which attackers can exploit to execute arbitrary code remotely. Robust validation and authentication of the data reaching this code path are essential to mitigate the risk.
Source: securityvulnerability.io
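As an added defensive illustration (not code from the advisory or from the SGLang project), the block below contrasts the vulnerable `pickle.loads()` pattern with an allow-list unpickler that refuses every global reference a REDUCE-style payload depends on. The sample messages, the `RunsOnLoad` class and the `SAFE_GLOBALS` allow-list are constructed here and are assumptions, not SGLang's actual message format.

```python
import collections
import datetime
import io
import pickle

# Constructed allow-list of the only globals the unpickler may resolve. No
# callable (builtins.getattr, builtins.eval, os.system, ...) is listed, so a
# REDUCE payload fails at name resolution, before anything gets invoked.
SAFE_GLOBALS = {("collections", "OrderedDict")}

class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that refuses every global reference not in SAFE_GLOBALS."""

    def find_class(self, module, name):
        if (module, name) in SAFE_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"forbidden global {module}.{name}")

def safe_loads(data: bytes):
    """Drop-in replacement for pickle.loads() on bytes received from a peer."""
    return RestrictedUnpickler(io.BytesIO(data)).load()

class RunsOnLoad:
    """Constructed sample whose pickle makes the loader call str.upper()."""

    def __reduce__(self):
        # The loader resolves the callable by name, calls it, and the result replaces this object.
        return (str.upper, ("invoked during load",))

def demo():
    """Maps each sample to (pickle.loads result, safe_loads result or error)."""
    samples = {
        "plain": pickle.dumps({"req_id": 7, "tokens": [1, 2, 3]}),
        "allowed": pickle.dumps(collections.OrderedDict(a=1)),
        "class": pickle.dumps(datetime.datetime(2026, 1, 1)),
        "reduce": pickle.dumps(RunsOnLoad()),
    }
    out = {}
    for label, blob in samples.items():
        unsafe = pickle.loads(blob)  # the vulnerable pattern: trusts the bytes
        try:
            safe = safe_loads(blob)
        except pickle.UnpicklingError as exc:
            safe = f"rejected: {exc}"
        out[label] = (unsafe, safe)
    return out

if __name__ == "__main__":
    for label, (unsafe, safe) in demo().items():
        print(f"{label:7} pickle.loads -> {unsafe!r}  safe_loads -> {safe!r}")
```

Note that the `reduce` sample shows why an allow-list is the only sound fix: plain `pickle.loads()` already runs code during loading, so validating the resulting object afterwards is too late.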