Attackers Exploit Critical LMDeploy Vulnerability Within Hours of Disclosure
AI-generated from multiple sources. Verify before acting on this reporting.
LONDON (AP) — Cyber attackers successfully exploited a high-severity security flaw in the LMDeploy open-source project within 13 hours of its public disclosure, gaining unauthorized access to sensitive data and internal networks across multiple continents.
The vulnerability, identified as CVE-2026-33626, is a Server-Side Request Forgery (SSRF) issue that allows malicious actors to force a server to make requests to unintended destinations. Orca Security researcher Igor Stepansky discovered and reported the flaw, and Sysdig subsequently detected exploitation activity on infrastructure hosted by Amazon Web Services.
Security logs indicate the exploitation began shortly after the vulnerability was made public on April 24, 2026. Attackers originating from an IP address linked to 103.116.72[.]119 targeted systems in the United States, France, Japan, Canada, India, and China. The rapid weaponization of the flaw suggests threat actors were actively monitoring new vulnerability disclosures to deploy exploits before organizations could apply patches.
The SSRF vulnerability enabled attackers to access cloud metadata services, potentially exposing credentials and configuration data, as well as internal network resources that are typically shielded from external access. LMDeploy project maintainers have issued an advisory regarding the issue, urging users to update their systems immediately.
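A common server-side mitigation for this class of flaw is to resolve every URL the server is asked to fetch and refuse metadata, loopback and private destinations before connecting. The Python below is an added example, not LMDeploy's code or its patch; `check_outbound_url`, `sample_resolver` and the sample DNS table are hypothetical names and constructed data.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Assumption: well-known cloud metadata addresses (IPv4 link-local, AWS IPv6).
METADATA = {ipaddress.ip_address("169.254.169.254"),
            ipaddress.ip_address("fd00:ec2::254")}
# Constructed DNS answers (not real records) so the example runs offline.
SAMPLE_DNS = {"models.example.com": ["8.8.8.8"],
              "mixed.example.net": ["8.8.8.8", "10.0.0.5"]}

def system_resolver(host):  # real DNS; raises OSError on failure
    return [info[4][0] for info in socket.getaddrinfo(host, None)]

def sample_resolver(host):  # hypothetical offline resolver for the demo
    return SAMPLE_DNS.get(host, [])

def classify_address(addr):
    ip = ipaddress.ip_address(addr)
    # Unwrap ::ffff:a.b.c.d so an IPv6 spelling cannot dodge the IPv4 checks.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    if ip in METADATA:
        return "metadata"
    if (ip.is_private or ip.is_loopback or ip.is_link_local
            or ip.is_reserved or ip.is_multicast or ip.is_unspecified):
        return "internal"
    return "public"

def check_outbound_url(url, resolver=system_resolver):
    """Return (allowed, reason); deny if ANY resolved address is non-public."""
    try:
        parts = urlsplit(url)
        host = parts.hostname
    except ValueError:
        return False, "bad-url"
    if parts.scheme not in ("http", "https") or not host:
        return False, "bad-url"
    try:
        addrs = [str(ipaddress.ip_address(host))]  # literal IP, no lookup
    except ValueError:
        try:
            addrs = resolver(host)
        except OSError:
            addrs = []
    bad = [k for k in map(classify_address, addrs) if k != "public"]
    if not addrs:
        return False, "unresolvable"
    return (False, bad[0]) if bad else (True, "public")
```

The fetch that follows must connect to the addresses that were checked and repeat the check on every redirect; otherwise a second DNS lookup or a 3xx response can still land on an internal address.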
The incident highlights the increasing speed at which cybercriminals move to capitalize on newly disclosed security weaknesses. In the past, organizations often had a window of days or weeks to patch vulnerabilities before they were widely exploited. This event demonstrates a shift toward immediate exploitation, compressing the response time available to IT security teams.
Sysdig’s detection of the activity on AWS infrastructure provided early warning of the ongoing attacks. The source IP address involved in the campaign has been associated with previous malicious activity, though the specific threat group responsible has not been identified.
LMDeploy is a popular framework used for deploying large language models. The widespread adoption of the software means the vulnerability could impact a significant number of organizations relying on AI infrastructure. The maintainers are working to finalize and distribute a patch to mitigate the risk.
As of now, the full extent of the data compromised remains unknown. Security experts are advising organizations to audit their systems for signs of unauthorized access and to ensure all LMDeploy instances are updated to the latest version. The incident serves as a stark reminder of the challenges in securing rapidly evolving technology stacks against opportunistic attacks.