CVE-2026-33626 – InternLM lmdeploy
CVSS 7.5
IMPORTANT
“A high-impact weakness in lmdeploy opens the door to real attack code.”
This patch addresses CVE-2026-33626 in InternLM’s lmdeploy. The issue exposes the system to a significant security risk that could be leveraged to compromise operations or data integrity. The CVSS score is 7.5, which is High severity. This level of severity indicates a strong potential for damage if left unpatched, especially in production environments.
Proof-of-concept code is publicly available, confirming that exploitation is practical and not just theoretical. This increases the urgency for remediation, as attackers can replicate the issue with minimal effort. The patch closes the gap and reduces exposure to active misuse.
Key Details
- Affected Product
- Internlm Lmdeploy
- Attack Vector
- Network
- Attack Complexity
- Low
- Privileges Required
- None
- User Interaction
- None
- CWE Classification
- CWE-918
Patch this CVE on all your endpoints in under 5 minutes.
First 200 endpoints are free forever, scale as needed.