CVE-2025-67729: LMDeploy is a toolkit for compressing, deploying, and serving LLMs. Prior to version 0.11.1, an insecure deserialization
Summary
LMDeploy is a toolkit for compressing, deploying, and serving large language models (LLMs). Prior to version 0.11.1, the software had an insecure deserialization vulnerability (unsafe conversion of stored data back into live objects, which for pickle-based formats can execute code embedded in the file) because it called torch.load() without the weights_only=True parameter when opening model checkpoint files. This allows attackers to run arbitrary code on a victim's machine by tricking them into loading a malicious .bin or .pt model file.
Solution / Mitigation
This issue has been patched in version 0.11.1.
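As an added illustration (not LMDeploy's code and not part of the advisory), the gate below replays a checkpoint's pickle stream against inert stand-ins, so it records every global the file would import without executing any of it, and refuses files that reference anything outside an assumed state_dict allowlist; the allowlist, helper names and the two sample checkpoints are constructed for this example, and the check complements rather than replaces torch.load(..., weights_only=True).

```python
import glob
import io
import pickle
import zipfile
from collections import OrderedDict
# Assumed allowlist: the globals a plain tensor state_dict legitimately needs.
# Extend it for your models; anything outside it is refused before torch.load.
ALLOWED_GLOBALS = {"collections.OrderedDict", "torch._utils._rebuild_tensor_v2", "torch.FloatStorage"}

class _Stub:
    """Inert stand-in for every global: REDUCE/NEWOBJ/BUILD act on it, not real code."""
    def __init__(self, *a, **k): pass
    def __call__(self, *a, **k): return _Stub()
    def __setstate__(self, state): pass
    def __setitem__(self, k, v): pass
    def extend(self, items): pass

def referenced_globals(data: bytes) -> set:
    """Replay the pickle opcodes and record every module.name it would import."""
    seen = set()
    class Recorder(pickle.Unpickler):
        def find_class(self, module, name):
            seen.add(f"{module}.{name}")
            return type(name, (_Stub,), {})
        def persistent_load(self, pid):  # torch storage refs: keep the id, load nothing
            return pid
    Recorder(io.BytesIO(data)).load()
    return seen

def pickle_payloads(blob: bytes) -> list:
    """torch.save output (.pt/.pth/.bin) is a zip holding data.pkl; legacy files are a raw pickle."""
    if zipfile.is_zipfile(io.BytesIO(blob)):
        with zipfile.ZipFile(io.BytesIO(blob)) as zf:
            return [zf.read(n) for n in zf.namelist() if n.endswith(".pkl")]
    return [blob]

def suspicious_globals(blob: bytes) -> list:
    """Globals outside the allowlist, sorted; empty means the file may go to torch.load."""
    found = set().union(*(referenced_globals(p) for p in pickle_payloads(blob)))
    return sorted(found - ALLOWED_GLOBALS)

# Constructed samples: a .pt-style archive holding a harmless state_dict, and a raw
# legacy-style pickle referencing glob.glob, a harmless stand-in for a foreign global.
def make_state_dict_checkpoint() -> bytes:
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("archive/data.pkl", pickle.dumps(OrderedDict(w=[1.0, 2.0]), 4))
    return buf.getvalue()

def make_foreign_global_checkpoint() -> bytes:
    return pickle.dumps(glob.glob, 4)
```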
Vulnerability Details
8.8 (high)
EPSS: 0.1%
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-67729
First tracked: February 15, 2026 at 08:53 PM