LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure

LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure

/in

A high-severity security flaw in LMDeploy, an open-source toolkit for compressing, deploying, and serving LLMs, has come under active exploitation in the wild less than 13 hours after its public disclosure.
The vulnerability, tracked as CVE-2026-33626 (CVSS score: 7.5), relates to a Server-Side Request Forgery (SSRF) vulnerability that could be exploited to access sensitive data.
“A server-side

The Hacker News – ​Read More

Bitwarden NPM Package Hit in Supply Chain AttackInside agenteV2: How Brazilian Attackers Use Fake Court Summons to Steal Banking Credentials in Real Time Inside agenteV2: How Brazilian Attackers Use Fake Court Summons to Steal Banking...