SGLang Triple RCE (CVE-2026-3059, CVE-2026-3060, CVE-2026-3989)

Two CVSS 9.8 unauthenticated RCE vulnerabilities via unsafe pickle.loads() deserialization in ZeroMQ broker and disaggregation modules. CVE-2026-3989 (CVSS 7.8): insecure pickle.load() in replay_request_dump.py. Unpatched as of disclosure.