Hackers Exploit LMDeploy Flaw Within Hours of Disclosure
AI-generated from multiple sources. Verify before acting on this reporting.
BEIJING — Unknown attackers exploited a critical security vulnerability in the open-source LMDeploy toolkit within 13 hours of its public disclosure, enabling the theft of cloud credentials and unauthorized scanning of internal networks.
The breach, detected on April 24, 2026, targeted the vision-language module of LMDeploy, a popular framework used for deploying large language models. Security researchers identified the flaw as CVE-2026-33626, a high-severity Server-Side Request Forgery (SSRF) vulnerability. The rapid exploitation suggests automated scanning tools or threat actors were actively monitoring newly disclosed vulnerabilities.
Incidents were primarily observed on Amazon Web Services (AWS) infrastructure globally. Network traffic analysis traced the source of the malicious requests to IP addresses geolocated in China. The attackers leveraged the SSRF flaw to access sensitive cloud metadata services, allowing them to extract temporary security credentials and map internal network structures.
LMDeploy developers disclosed the vulnerability on April 24, 2026, at 07:27 UTC. By 20:27 UTC the same day, evidence of active exploitation emerged. The attackers used the compromised credentials to attempt lateral movement within affected cloud environments. While no data exfiltration has been confirmed, the access to internal metadata services poses a significant risk to cloud security.
The vulnerability allows remote attackers to force the server to make requests to internal services that should not be exposed to the public internet. In this case, the attackers targeted the cloud provider's metadata service endpoint, which often contains temporary access keys for cloud resources. The speed of the exploitation highlights the danger of zero-day and one-day vulnerabilities in widely used open-source libraries.
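The mechanism described above, a server-side fetch of a user-supplied URL that can be pointed at the link-local metadata endpoint, is normally mitigated by validating the destination before the request is issued. The following is an added example written for this article, not code from LMDeploy or from any of the cited sources: a URL guard that resolves the hostname, rejects link-local, loopback, private and shared-address-space destinations (including IPv4-mapped IPv6 forms), and accepts an injectable resolver so the check can be exercised offline. The function names, hostnames and addresses in it are assumptions of this example.

```python
import ipaddress
import socket
from urllib.parse import urlparse

ALLOWED_SCHEMES = {"http", "https"}

# Ranges that ipaddress.is_private does not reliably cover on older Pythons.
# 100.64.0.0/10 is RFC 6598 shared address space, used by some metadata services.
EXTRA_INTERNAL = [ipaddress.ip_network("100.64.0.0/10")]


def default_resolver(host):
    """Resolve host to every address it maps to; empty list if resolution fails."""
    try:
        return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})
    except socket.gaierror:
        return []


def is_internal(addr):
    """True for any address an image fetcher serving the public should never reach."""
    ip = ipaddress.ip_address(addr.split("%")[0])  # drop an IPv6 scope id if present
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped  # ::ffff:169.254.169.254 is still the metadata service
    if any(ip in net for net in EXTRA_INTERNAL):
        return True
    return any([ip.is_private, ip.is_loopback, ip.is_link_local,
                ip.is_multicast, ip.is_reserved, ip.is_unspecified])


def check_url(url, resolver=default_resolver):
    """Return (ok, reason, pinned_addresses) for a user-supplied fetch target.

    The caller should connect to one of the returned addresses rather than
    re-resolving the hostname, so a DNS answer cannot change between check and use.
    """
    parts = urlparse(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        return False, f"scheme {parts.scheme!r} not allowed", []
    host = parts.hostname
    if not host:
        return False, "missing host", []
    try:
        addrs = [str(ipaddress.ip_address(host))]  # literal IP: no DNS needed
    except ValueError:
        addrs = resolver(host)
    if not addrs:
        return False, f"cannot resolve {host!r}", []
    for addr in addrs:
        if is_internal(addr):
            return False, f"{host} resolves to internal address {addr}", []
    return True, "ok", addrs


if __name__ == "__main__":
    # Constructed inputs; the last one uses a stub resolver so it runs offline.
    for url in ("http://169.254.169.254/latest/meta-data/",
                "http://[::ffff:169.254.169.254]/",
                "file:///etc/passwd"):
        print(url, "->", check_url(url)[:2])
    print(check_url("https://images.example.com/cat.png",
                    resolver=lambda h: ["93.184.216.34"]))
```

Every address returned by the resolver is checked, not just the first, because a hostname that answers with one public and one link-local address would otherwise pass. The returned address list is meant to be pinned for the actual connection; checking and then letting the HTTP client resolve the name again leaves a window for DNS rebinding. On AWS this guard is complementary to requiring the session-oriented IMDSv2, which a forged GET request alone cannot complete.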
Security experts warn that organizations using LMDeploy should immediately apply patches or disable the affected vision-language module. The incident underscores the importance of rapid patch management and the risks associated with exposing development tools to the internet.
It remains unclear how many organizations were affected or if any data was successfully exfiltrated. The attackers' motives and affiliation are also unknown. Further investigation is ongoing to determine the full scope of the compromise and whether other cloud providers were targeted.
The LMDeploy team has released a patch for the vulnerability, urging users to update their systems immediately. Cloud providers are also advised to monitor for suspicious activity related to metadata service access. The incident serves as a stark reminder of the rapid pace at which cyber threats can evolve and the critical need for proactive security measures.
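The monitoring advice above can be made concrete on the cloud audit trail: credentials obtained from an instance's metadata service are tied to that instance's role, so API calls made with them from an address outside the instance's network are the signal to alert on. The following is an added example written for this article, not code from LMDeploy, AWS or the cited sources. It scans constructed CloudTrail-style records (a simplified shape, not a real capture) for instance-role sessions, whose session name is the instance ID, used from outside a trusted VPC range; the account ID, role name, instance ID, addresses and the `find_credential_misuse`/`summarize` names are assumptions of this example.

```python
import ipaddress
import json
import re

# Constructed sample records in a simplified CloudTrail-like shape (not a real capture).
SAMPLE_EVENTS = [
    '{"eventTime":"2026-04-24T20:31:02Z","eventName":"ListBuckets","sourceIPAddress":"10.0.3.17",'
    '"userIdentity":{"type":"AssumedRole","arn":"arn:aws:sts::123456789012:assumed-role/lmdeploy-node/i-0abc123"}}',
    '{"eventTime":"2026-04-24T20:35:44Z","eventName":"DescribeInstances","sourceIPAddress":"198.51.100.77",'
    '"userIdentity":{"type":"AssumedRole","arn":"arn:aws:sts::123456789012:assumed-role/lmdeploy-node/i-0abc123"}}',
    '{"eventTime":"2026-04-24T20:36:10Z","eventName":"GetObject","sourceIPAddress":"198.51.100.77",'
    '"userIdentity":{"type":"AssumedRole","arn":"arn:aws:sts::123456789012:assumed-role/lmdeploy-node/i-0abc123"}}',
    '{"eventTime":"2026-04-24T20:40:00Z","eventName":"GetCallerIdentity","sourceIPAddress":"203.0.113.5",'
    '"userIdentity":{"type":"IAMUser","arn":"arn:aws:iam::123456789012:user/alice"}}',
]

# Networks from which the instance role is legitimately used (assumption: the workload VPC).
TRUSTED_SOURCES = [ipaddress.ip_network("10.0.0.0/16")]

# Instance-profile credentials produce sessions named after the instance ID.
INSTANCE_ROLE_RE = re.compile(r":assumed-role/(?P<role>[^/]+)/(?P<instance>i-[0-9a-f]+)$")


def find_credential_misuse(lines, trusted=TRUSTED_SOURCES):
    """Flag instance-role API calls whose source address lies outside the trusted ranges."""
    findings = []
    for line in lines:
        event = json.loads(line)
        ident = event.get("userIdentity", {})
        if ident.get("type") != "AssumedRole":
            continue
        match = INSTANCE_ROLE_RE.search(ident.get("arn", ""))
        if not match:
            continue  # a role session not tied to an instance; out of scope here
        try:
            src = ipaddress.ip_address(event.get("sourceIPAddress", ""))
        except ValueError:
            continue  # calls made on the instance's behalf by a service carry a DNS name here
        if any(src in net for net in trusted):
            continue
        findings.append({
            "time": event.get("eventTime"),
            "event": event.get("eventName"),
            "role": match.group("role"),
            "instance": match.group("instance"),
            "source_ip": str(src),
        })
    return findings


def summarize(findings):
    """Group flagged calls by (role, instance, source IP) so one alert covers a burst."""
    grouped = {}
    for f in findings:
        grouped.setdefault((f["role"], f["instance"], f["source_ip"]), []).append(f["event"])
    return grouped


if __name__ == "__main__":
    for key, events in summarize(find_credential_misuse(SAMPLE_EVENTS)).items():
        role, instance, src = key
        print(f"role {role} from instance {instance} used from {src}: {', '.join(events)}")
```

The rule deliberately keys on the role session rather than on specific API names, because the first calls an intruder makes with stolen instance credentials are often innocuous discovery calls. The trusted range should be the network the instance actually lives in; a NAT gateway or egress proxy in front of the workload changes the address the audit log records and must be included.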
As of now, no major data breaches have been reported, but the potential for further exploitation remains high. Security teams worldwide are advised to review their cloud configurations and ensure that all open-source dependencies are up to date. The situation continues to develop as more details emerge about the scope and impact of the attack.