Lucene search
K

73 matches found

Nuclei
Nuclei
added 16 hours ago110 views

LMDeploy - Server-Side Request Forgery

LMDeploy is a toolkit for compressing, deploying, and serving large language models. Versions prior to 0.12.3 have a Server-Side Request Forgery SSRF vulnerability in the vision-language module. The loadimage function in lmdeploy/vl/utils.py fetches arbitrary URLs without validating internal or...

7.5CVSS6.3AI score0.4525EPSS
Exploits2References3
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 a.m.14 views

CVE-2026-46432

LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.12.3 and prior, LMDeploy is vulnerable to arbitrary code execution through hardcoded "trustremotecode=True" in multiple HuggingFace model-loading call sites. At time of publication, there are no...

7.8CVSS6.2AI score0.00142EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/10 1:14 a.m.3 views

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the model initialization process when trustremotecode=True is hardcoded in multiple HuggingFace model-loading call sites. An attacker can execute arbitrary code by supplying a malicious model repository...

8.5CVSS6.2AI score0.00142EPSS
Exploits0References2
NVD
NVD
added 2026/06/10 12:16 a.m.11 views

CVE-2026-46432

LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.12.3 and prior, LMDeploy is vulnerable to arbitrary code execution through hardcoded "trustremotecode=True" in multiple HuggingFace model-loading call sites. At time of publication, there are no...

7.8CVSS0.00142EPSS
Exploits0References1
NVD
NVD
added 2026/06/10 12:16 a.m.14 views

CVE-2026-46517

LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.12.3 and prior, hardcoded "trustremotecode=True" enables HF supply-chain RCE without user opt-in. At time of publication, there are no publicly available patches...

7.8CVSS0.00148EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.17 views

lmdeploy 代码注入漏洞

lmdeploy is a toolkit developed by InternLM for compressing, deploying, and serving LLMs. Versions of lmdeploy prior to 0.12.3 have a code injection vulnerability, which stems from the hard-coded trustremotecode=True setting. This vulnerability could lead to remote code execution within the...

7.8CVSS6.3AI score0.00148EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.17 views

lmdeploy 代码注入漏洞

lmdeploy is a toolkit developed by InternLM for compressing, deploying, and serving LLMs. Versions of lmdeploy prior to 0.12.3 have a code injection vulnerability. This vulnerability stems from the hardcoding of trustremotecode=True at multiple HuggingFace model loading points, which may allow...

7.8CVSS5.8AI score0.00142EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 11:5 p.m.10 views

CVE-2026-46517 LMDeploy: Hardcoded trust_remote_code=True is an implicit unsafe remote-code load path with no user opt-out

LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.12.3 and prior, hardcoded "trustremotecode=True" enables HF supply-chain RCE without user opt-in. At time of publication, there are no publicly available patches...

7.8CVSS5.4AI score0.00148EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 11:5 p.m.14 views

EUVD-2026-35874

LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.12.3 and prior, hardcoded "trustremotecode=True" enables HF supply-chain RCE without user opt-in. At time of publication, there are no publicly available patches...

7.8CVSS5.4AI score0.00148EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 11:5 p.m.39 views

CVE-2026-46517 LMDeploy: Hardcoded trust_remote_code=True is an implicit unsafe remote-code load path with no user opt-out

LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.12.3 and prior, hardcoded "trustremotecode=True" enables HF supply-chain RCE without user opt-in. At time of publication, there are no publicly available patches...

7.8CVSS0.00148EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 11:5 p.m.27 views

CVE-2026-46517

LMDeploy has a hardcoded trust_remote_code=True path in multiple code locations (e.g., get_model_arch and related calls) that is invoked for every model load. This creates an implicit unsafe remote-code load path when loading HuggingFace models from a repository, with no user opt-out or CLI flag ...

7.8CVSS5.4AI score0.00148EPSS
Exploits0References1
OSV
OSV
added 2026/06/09 11:5 p.m.2 views

CVE-2026-46517 LMDeploy: Hardcoded trust_remote_code=True is an implicit unsafe remote-code load path with no user opt-out

LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.12.3 and prior, hardcoded "trustremotecode=True" enables HF supply-chain RCE without user opt-in. At time of publication, there are no publicly available patches...

7.8CVSS5.9AI score0.00148EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/09 11:5 p.m.8 views

CVE-2026-46432 LMDeploy: Arbitrary code execution via hardcoded trust_remote_code=True in lmdeploy model initialization

LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.12.3 and prior, LMDeploy is vulnerable to arbitrary code execution through hardcoded "trustremotecode=True" in multiple HuggingFace model-loading call sites. At time of publication, there are no...

7.8CVSS6.2AI score0.00142EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 11:5 p.m.12 views

EUVD-2026-35873

LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.12.3 and prior, LMDeploy is vulnerable to arbitrary code execution through hardcoded "trustremotecode=True" in multiple HuggingFace model-loading call sites. At time of publication, there are no...

7.8CVSS6.2AI score0.00142EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 11:5 p.m.37 views

CVE-2026-46432

CVE-2026-46432 (LMDeploy) affects lmdeploy

7.8CVSS6.2AI score0.00142EPSS
Exploits0References1
OSV
OSV
added 2026/06/09 11:5 p.m.4 views

CVE-2026-46432 LMDeploy: Arbitrary code execution via hardcoded trust_remote_code=True in lmdeploy model initialization

LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.12.3 and prior, LMDeploy is vulnerable to arbitrary code execution through hardcoded "trustremotecode=True" in multiple HuggingFace model-loading call sites. At time of publication, there are no...

7.8CVSS6.6AI score0.00142EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/09 11:5 p.m.36 views

CVE-2026-46432 LMDeploy: Arbitrary code execution via hardcoded trust_remote_code=True in lmdeploy model initialization

LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.12.3 and prior, LMDeploy is vulnerable to arbitrary code execution through hardcoded "trustremotecode=True" in multiple HuggingFace model-loading call sites. At time of publication, there are no...

7.8CVSS0.00142EPSS
Exploits0References1
OSV
OSV
added 2026/05/21 7:33 p.m.13 views

GHSA-9XQ9-36W5-Q796 lmdeploy: Hardcoded trust_remote_code=True is an implicit unsafe remote-code load path with no user opt-out

📋 Reframing 2026-05-02: implicit unsafe remote-code path, not "supply-chain" The accurate description of this vulnerability is: "getmodelarch and related helpers hardcode trustremotecode=True with no opt-out, creating an implicit unsafe remote-code load path on every model fetch." What this repor...

7.8CVSS6.5AI score0.00148EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/21 7:33 p.m.14 views

lmdeploy: Hardcoded trust_remote_code=True is an implicit unsafe remote-code load path with no user opt-out

📋 Reframing 2026-05-02: implicit unsafe remote-code path, not "supply-chain" The accurate description of this vulnerability is: "getmodelarch and related helpers hardcode trustremotecode=True with no opt-out, creating an implicit unsafe remote-code load path on every model fetch." What this repor...

7.8CVSS6.5AI score0.00148EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/05/21 5:30 p.m.11 views

GHSA-M549-QQ94-FVHG LMDeploy: Arbitrary code execution via hardcoded trust_remote_code=True in lmdeploy model initialization

Summary lmdeploy hardcodes trustremotecode=True in multiple HuggingFace model-loading call sites. The affected code paths are in: text lmdeploy/archs.py lmdeploy/utils.py The vulnerable call sites pass trustremotecode=True into HuggingFace Transformers APIs such as AutoConfig.frompretrained,...

7.8CVSS6.5AI score0.00142EPSS
Exploits0References4
Rows per page
Query Builder