Severity: High (CVSS 7.5) · April 22, 2026 · LMDeploy Security Advisory

LMDeploy Vision-Language SSRF

Unvalidated Image URL Fetching Exposes Cloud Metadata and Internal Services

CVE-2026-33626 affects LMDeploy's image-loading functionality for vision-language models. When processing OpenAI-compatible chat requests that carry image_url parameters, the server fetches those URLs without validating the destination host. This yields a Server-Side Request Forgery (SSRF) primitive: the server can be made to reach cloud metadata services, internal databases, and other hosts on the private network, exposing its topology. The vulnerability was exploited in the wild within 12 hours and 31 minutes of advisory publication.
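As an added illustration of the mitigation (example code written for this page, not LMDeploy's own patch), the following destination check could be run on each image_url before an OpenAI-compatible server fetches it. It rejects non-HTTP(S) schemes and any address that is loopback, private, link-local (the 169.254.0.0/16 range used by cloud metadata services), multicast or reserved, including IPv4-mapped IPv6 literals, and it checks every address a hostname resolves to. The resolver parameter is an assumption that lets the check be exercised without network access.

```python
import ipaddress
import socket
from urllib.parse import urlparse

ALLOWED_SCHEMES = {"http", "https"}


def _is_public(addr: str) -> bool:
    # Reject loopback, RFC 1918, link-local (169.254/16, the cloud metadata
    # range), multicast, reserved and unspecified addresses. Unwrap IPv4-mapped
    # IPv6 so ::ffff:169.254.169.254 is judged as its embedded IPv4 address.
    ip = ipaddress.ip_address(addr)
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return not (ip.is_private or ip.is_loopback or ip.is_link_local
                or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def resolve_host(host: str) -> list[str]:
    # Resolve both A and AAAA records; the caller must check every answer.
    try:
        infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})


def is_safe_image_url(url: str, resolver=resolve_host) -> tuple[bool, str]:
    """Return (allowed, reason) for an image_url the server is asked to fetch."""
    parsed = urlparse(url)
    if parsed.scheme.lower() not in ALLOWED_SCHEMES:
        return False, f"scheme not allowed: {parsed.scheme!r}"
    host = parsed.hostname  # brackets already stripped for IPv6 literals
    if not host:
        return False, "missing host"
    if parsed.username or parsed.password:
        return False, "credentials in URL not allowed"
    try:  # literal IP address: judge it directly
        ipaddress.ip_address(host)
        addrs = [host]
    except ValueError:  # hostname: judge every address it resolves to
        addrs = resolver(host)
        if not addrs:
            return False, f"could not resolve {host!r}"
    blocked = [a for a in addrs if not _is_public(a)]
    if blocked:
        return False, f"{host!r} maps to blocked address {blocked[0]}"
    return True, "ok"
```

The same policy has to be enforced on the connection that is actually opened (pin the validated address and re-validate on every HTTP redirect), otherwise a name whose answer changes between check and fetch still reaches an internal address.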

CVEs: 1
CVSS score: 7.5
Time to exploit: 12h 31m
Status: Patched

"Attackers are increasingly weaponizing vulnerabilities in inference servers, model gateways, and agent orchestration tools within hours of advisory publication."


Source: LMDeploy security advisory, CVE-2026-33626, April 22, 2026. This advisory is an independent defensive guide produced by Spectreworks AI for educational purposes only.