<![CDATA[(sysdig.com) LMDeploy SSRF Vulnerability CVE-2026-33626 Exploited Within Hours of Disclosure Against AI Inference Infrastructure]]>

<![CDATA[(sysdig.com) LMDeploy SSRF Vulnerability CVE-2026-33626 Exploited Within Hours of Disclosure Against AI Inference Infrastructure]]>(sysdig.com) LMDeploy SSRF Vulnerability CVE-2026-33626 Exploited Within Hours of Disclosure Against AI Inference Infrastructure

New SSRF in LMDeploy (CVE-2026-33626) exploited 12h31m post-disclosure against AI inference infra. Attacker scanned AWS IMDS, Redis, MySQL, and admin endpoints via crafted image_url in /v1/chat/completions. OOB DNS to requestrepo.com confirmed blind SSRF.

In brief - A critical SSRF in LMDeploy, used for vision-language models, was weaponized within hours of disclosure. Attackers targeted cloud metadata, internal services, and inference clusters, highlighting rapid exploitation of AI infrastructure vulnerabilities.

Technically - CVE-2026-33626 stems from missing hostname validation in LMDeploy’s image URL loader. Attacker sent POST requests with SSRF payloads to 169.254.169.254 (IMDS), 127.0.0.1:6379/3306/8080, and /distserve/p2p_drop_connect. Detection via Falco rules for IMDS contact; remediation requires LMDeploy v0.12.3, IMDSv2 with httpTokens=required, and VPC egress controls.

Source: https://webflow.sysdig.com/blog/cve-2026-33626-how-attackers-exploited-lmdeploy-llm-inference-engines-in-12-hours

#Cybersecurity #ThreatIntel

]]>https://board.circlewithadot.net/topic/8608bf50-c16e-4491-911f-c659182cb8d1/sysdig.com-lmdeploy-ssrf-vulnerability-cve-2026-33626-exploited-within-hours-of-disclosure-against-ai-inference-infrastructureRSS for NodeFri, 15 May 2026 07:51:36 GMTWed, 22 Apr 2026 17:41:59 GMT60