VYPR

LMDeploy

by InternLM

pypi: lmdeploy

CVEs (6)

  • CVE-2026-46517 | High | Jun 10, 2026
    risk 0.51 | cvss 7.8 | epss 0.00

    LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.12.3 and prior, hardcoded "trust_remote_code=True" enables HF supply-chain RCE without user opt-in. At time of publication, there are no publicly available patches.

  • CVE-2026-33626 | High | Apr 20, 2026
    risk 0.45 | cvss 7.5 | epss 0.45

    LMDeploy is a toolkit for compressing, deploying, and serving large language models. Versions prior to 0.12.3 have a Server-Side Request Forgery (SSRF) vulnerability in LMDeploy's vision-language module. The `load_image()` function in `lmdeploy/vl/utils.py` fetches arbitrary…

  • CVE-2026-46432 | High | Jun 10, 2026
    risk 0.44 | cvss 7.8 | epss 0.00

    LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.12.3 and prior, LMDeploy is vulnerable to arbitrary code execution through hardcoded "trust_remote_code=True" in multiple HuggingFace model-loading call sites. At time of…

  • CVE-2025-67729 | Dec 26, 2025
    risk 0.00 | cvss | epss 0.00

    LMDeploy is a toolkit for compressing, deploying, and serving LLMs. Prior to version 0.11.1, an insecure deserialization vulnerability exists in lmdeploy where torch.load() is called without the weights_only=True parameter when loading model checkpoint files. This allows an…

  • CVE-2025-3163 | Apr 3, 2025
    risk 0.00 | cvss | epss 0.00

    A vulnerability was found in InternLM LMDeploy up to 0.7.1. It has been declared as critical. Affected by this vulnerability is the function Open of the file lmdeploy/docs/en/conf.py. The manipulation leads to code injection. It is possible to launch the attack on the local…

  • CVE-2025-3162 | Apr 3, 2025
    risk 0.00 | cvss | epss 0.00

    A vulnerability was found in InternLM LMDeploy up to 0.7.1. It has been classified as critical. Affected is the function load_weight_ckpt of the file lmdeploy/lmdeploy/vl/model/utils.py of the component PT File Handler. The manipulation leads to deserialization. Attacking…