CVE-2026-33626: LMDeploy is a toolkit for compressing, deploying, and serving large language models. Versions prior to 0.12.3 have a Ser
Summary
LMDeploy, a toolkit for compressing, deploying, and serving large language models, contains a Server-Side Request Forgery vulnerability (SSRF, a flaw that lets attackers trick a server into making requests to unintended targets) in versions before 0.12.3. The vulnerability is in the `load_image()` function, which downloads images from URLs without checking whether those URLs point to private or internal systems, potentially allowing attackers to reach sensitive cloud services and internal networks through the server.
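As an added illustration (not LMDeploy's code and not its 0.12.3 patch), the kind of destination check a server can run before fetching a user-supplied image URL: reject non-HTTP schemes and any URL whose host resolves to a loopback, link-local, private or otherwise non-public address, which is what stops the metadata-service and internal-network reach described above. The `check_image_url()` helper and its behaviour are assumptions for this example; it uses only the Python standard library and performs no fetch.

```python
"""Hypothetical pre-fetch destination check for a URL-download helper (example code)."""
import ipaddress
import socket
from urllib.parse import urlparse

ALLOWED_SCHEMES = {"http", "https"}


def resolve_host(host):
    """Return the set of IP addresses a host designates.

    A literal address is parsed directly; a name goes through getaddrinfo,
    which also normalises unusual numeric forms such as '2130706433'.
    """
    try:
        return {ipaddress.ip_address(host)}
    except ValueError:
        infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
        return {ipaddress.ip_address(info[4][0]) for info in infos}


def is_public_address(ip):
    """True only for globally routable unicast addresses."""
    # Unwrap IPv4-mapped IPv6 (::ffff:10.0.0.1) so the IPv4 rules apply.
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    # is_global is False for loopback, link-local (169.254/16, incl. the
    # cloud metadata address), RFC 1918, reserved and documentation ranges.
    return ip.is_global and not ip.is_multicast


def check_image_url(url):
    """Return (ok, reason); ok is True only when every resolved address is public."""
    parts = urlparse(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        return False, f"scheme {parts.scheme!r} not allowed"
    if not parts.hostname:
        return False, "missing host"
    if parts.username or parts.password:
        return False, "credentials embedded in URL"
    try:
        addrs = resolve_host(parts.hostname)
    except (socket.gaierror, ValueError) as exc:
        return False, f"cannot resolve {parts.hostname!r}: {exc}"
    for ip in addrs:
        if not is_public_address(ip):
            return False, f"{parts.hostname!r} resolves to non-public {ip}"
    # Caveat: the fetch must connect to one of the addresses vetted here (and
    # re-run this check on every redirect), or DNS rebinding defeats the check.
    return True, "ok"
```

Hosts that resolve to several addresses are rejected if any one of them is non-public, which is the conservative choice for a server-side fetch.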
Solution / Mitigation
Update LMDeploy to version 0.12.3 or later, which patches the issue.
Vulnerability Details
CVSS base score: 7.5 (high)
EPSS: 0.0%
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Date: April 20, 2026
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-33626
First tracked: April 20, 2026 at 08:08 PM
Classified by LLM (prompt v3) · confidence: 95%