Vulnerability Details CVE-2026-33626
LMDeploy is a toolkit for compressing, deploying, and serving large language models. Versions prior to 0.12.3 have a Server-Side Request Forgery (SSRF) vulnerability in LMDeploy's vision-language module. The `load_image()` function in `lmdeploy/vl/utils.py` fetches arbitrary URLs without validating internal/private IP addresses, allowing attackers to access cloud metadata services, internal networks, and sensitive resources. Version 0.12.3 patches the issue.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 8.8%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2026-33626
- cpe:2.3:a:internlm:lmdeploy:0.0.10
- cpe:2.3:a:internlm:lmdeploy:0.0.11
- cpe:2.3:a:internlm:lmdeploy:0.0.12
- cpe:2.3:a:internlm:lmdeploy:0.0.13
- cpe:2.3:a:internlm:lmdeploy:0.0.14
- cpe:2.3:a:internlm:lmdeploy:0.0.2
- cpe:2.3:a:internlm:lmdeploy:0.0.3
- cpe:2.3:a:internlm:lmdeploy:0.0.4
- cpe:2.3:a:internlm:lmdeploy:0.0.5
- cpe:2.3:a:internlm:lmdeploy:0.0.6
- cpe:2.3:a:internlm:lmdeploy:0.0.7
- cpe:2.3:a:internlm:lmdeploy:0.0.8
- cpe:2.3:a:internlm:lmdeploy:0.0.9
- cpe:2.3:a:internlm:lmdeploy:0.1.0
- cpe:2.3:a:internlm:lmdeploy:0.10.0
- cpe:2.3:a:internlm:lmdeploy:0.10.1
- cpe:2.3:a:internlm:lmdeploy:0.10.2
- cpe:2.3:a:internlm:lmdeploy:0.11.0
- cpe:2.3:a:internlm:lmdeploy:0.11.1
- cpe:2.3:a:internlm:lmdeploy:0.2.0
- cpe:2.3:a:internlm:lmdeploy:0.2.1
- cpe:2.3:a:internlm:lmdeploy:0.2.2
- cpe:2.3:a:internlm:lmdeploy:0.2.3
- cpe:2.3:a:internlm:lmdeploy:0.2.4
- cpe:2.3:a:internlm:lmdeploy:0.2.5
- cpe:2.3:a:internlm:lmdeploy:0.2.6
- cpe:2.3:a:internlm:lmdeploy:0.3.0
- cpe:2.3:a:internlm:lmdeploy:0.4.0
- cpe:2.3:a:internlm:lmdeploy:0.4.1
- cpe:2.3:a:internlm:lmdeploy:0.4.2
- cpe:2.3:a:internlm:lmdeploy:0.5.0
- cpe:2.3:a:internlm:lmdeploy:0.5.1
- cpe:2.3:a:internlm:lmdeploy:0.5.2
- cpe:2.3:a:internlm:lmdeploy:0.5.3
- cpe:2.3:a:internlm:lmdeploy:0.6.0
- cpe:2.3:a:internlm:lmdeploy:0.6.1
- cpe:2.3:a:internlm:lmdeploy:0.6.2
- cpe:2.3:a:internlm:lmdeploy:0.6.3
- cpe:2.3:a:internlm:lmdeploy:0.6.4
- cpe:2.3:a:internlm:lmdeploy:0.7.0
- cpe:2.3:a:internlm:lmdeploy:0.7.1
- cpe:2.3:a:internlm:lmdeploy:0.7.2
- cpe:2.3:a:internlm:lmdeploy:0.7.3
- cpe:2.3:a:internlm:lmdeploy:0.8.0
- cpe:2.3:a:internlm:lmdeploy:0.9.0
- cpe:2.3:a:internlm:lmdeploy:0.9.1
- cpe:2.3:a:internlm:lmdeploy:0.9.2