A vulnerability categorized as problematic has been discovered in SGLang 0.5.10.post1 . Impacted is an unknown function of the file python/sglang/srt/lora/lora_manager.py of the component Inference HTTP Endpoint . Such manipulation of the argument lora_path leads to reachable assertion. This vulnerability is uniquely identified as CVE-2026-10300 . The attack can be launched remotely. Moreover, an exploit is present. The pull request to fix this issue awaits acceptance.