LMDeploy CVE-2026-33626 SSRF Flaw Exploited Within 13 Hours of Disclosure
Published 2026-04-24 | Ingested 2026-04-27 | AI Engineering Practices | High
Summary
A Server-Side Request Forgery (SSRF) vulnerability in LMDeploy — an open-source toolkit widely used to compress, deploy, and serve large language models — was exploited in the wild within 12 hours and 31 minutes of public disclosure on April 22, 2026. The flaw (CVE-2026-33626, CVSS 7.5) exists in the `load_image()` function in `lmdeploy/vl/utils.py`, which fetches arbitrary URLs without validating internal or private IP addresses. Attackers can use it to access cloud metadata services, internal
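The root cause described above, a URL fetched with no check on whether the target is an internal or private address, is the kind of gap a resolve-then-validate guard closes. The following is an added example written for this summary; it is not LMDeploy's code or its patch. The function names (`check_image_url`, `_resolve`, `_is_non_public`), the injectable `resolver` parameter and the sample addresses are all constructed for illustration.

```python
import ipaddress
import socket
from urllib.parse import urlparse

# Hypothetical SSRF guard for an image-fetching helper (added example, not LMDeploy code).
# Policy: only http/https, and every address the host resolves to must be publicly routable.

ALLOWED_SCHEMES = {"http", "https"}


def _resolve(host):
    """Resolve a hostname to every A/AAAA address (real DNS; replaceable for tests)."""
    infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    # getaddrinfo also accepts decimal/hex forms such as 2130706433 or 0x7f000001,
    # so those end up here and are judged by the address they map to.
    return sorted({info[4][0] for info in infos})


def _is_non_public(addr):
    """True for loopback, RFC 1918, link-local (incl. 169.254.169.254), multicast, reserved, etc."""
    # An IPv4-mapped IPv6 literal (::ffff:10.0.0.1) is judged by its embedded IPv4 address.
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return (
        not addr.is_global
        or addr.is_private
        or addr.is_loopback
        or addr.is_link_local
        or addr.is_multicast
        or addr.is_reserved
        or addr.is_unspecified
    )


def check_image_url(url, resolver=_resolve):
    """Return (allowed, reason). Reject the URL if any resolved address is non-public."""
    parsed = urlparse(url)
    if parsed.scheme.lower() not in ALLOWED_SCHEMES:
        return False, f"scheme not allowed: {parsed.scheme!r}"
    host = parsed.hostname  # brackets stripped from IPv6 literals, userinfo removed
    if not host:
        return False, "missing host"

    # Literal IP addresses need no DNS lookup; anything else is resolved.
    try:
        candidates = [ipaddress.ip_address(host)]
    except ValueError:
        try:
            candidates = [ipaddress.ip_address(ip) for ip in resolver(host)]
        except (OSError, UnicodeError, ValueError):  # socket.gaierror is an OSError
            return False, f"could not resolve {host!r}"
    if not candidates:
        return False, f"no addresses for {host!r}"

    # Reject if *any* address is non-public: a name that returns one public and
    # one internal record must not be allowed to pick the internal one.
    for addr in candidates:
        if _is_non_public(addr):
            return False, f"{host!r} resolves to non-public address {addr}"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample inputs: an IMDS address, a loopback literal and a public CDN name.
    for sample in ("http://169.254.169.254/latest/meta-data/", "http://[::1]/", "file:///etc/passwd"):
        print(sample, "->", check_image_url(sample))
    print(check_image_url("http://cdn.example.test/a.png", resolver=lambda h: ["8.8.8.8"]))
```

Two caveats matter when wiring a check like this in front of a real fetch. First, validating and then letting the HTTP client resolve the name again leaves a DNS-rebinding window; connect to the address that passed the check (or resolve once and pin it) rather than re-resolving. Second, a redirect to an internal address bypasses a check done only on the initial URL, so disable automatic redirects or re-run `check_image_url` on every `Location` hop, and apply timeouts and response-size limits alongside it.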
Alignment: New signal not yet covered
Related Positions: AI Engineering Practices, AI Governance and Risk
Tags: cve, lmdeploy, ssrf, vulnerability, security, llm-infrastructure, open-source, exploit, ai-security, patch-management