CVE-2026-33626: LMDeploy has Server-Side Request Forgery (SSRF) via Vision-Language Image Loading
A Server-Side Request Forgery (SSRF) vulnerability exists in LMDeploy’s vision-language module. The load_image() function in lmdeploy/vl/utils.py fetches arbitrary URLs without validating internal/private IP addresses, allowing attackers to access cloud metadata services, internal networks, and sensitive resources.
References
- github.com/InternLM/lmdeploy
- github.com/InternLM/lmdeploy/commit/71d64a339edb901e9005358e0633fbbab367d626
- github.com/InternLM/lmdeploy/pull/4447
- github.com/InternLM/lmdeploy/releases/tag/v0.12.3
- github.com/InternLM/lmdeploy/security/advisories/GHSA-6w67-hwm5-92mq
- github.com/advisories/GHSA-6w67-hwm5-92mq
- nvd.nist.gov/vuln/detail/CVE-2026-33626
Code Behaviors & Features
Detect and mitigate CVE-2026-33626 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →