PatchSiren cyber security CVE debrief
CVE-2026-46432 InternLM CVE debrief
LMDeploy, a toolkit for compressing, deploying, and serving large language models, is vulnerable to arbitrary code execution. This vulnerability is due to hardcoded 'trust_remote_code=True' in multiple HuggingFace model-loading call sites in versions 0.12.3 and prior. The vulnerability has a CVSS score of 7.8 and is classified as HIGH severity.
- Vendor: InternLM
- Product: lmdeploy
- CVSS: HIGH 7.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-10
- Original CVE updated: 2026-06-10
- Advisory published: 2026-06-10
- Advisory updated: 2026-06-10
Who should care
Users of LMDeploy versions 0.12.3 and prior should be aware of this vulnerability and take necessary actions to mitigate it.
Technical summary
The vulnerability is caused by hardcoded 'trust_remote_code=True' in multiple HuggingFace model-loading call sites. With that flag set, loading a model runs any Python code shipped in the model repository, so a malicious or tampered model can execute arbitrary code in the process that loads it.
Defensive priority
HIGH
Recommended defensive actions
- Update to a patched version of LMDeploy as soon as available.
- Review and restrict model loading configurations to prevent arbitrary code execution.
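The second action above can be made concrete with a pre-load gate. The following is an added illustration, not code from the advisory or from LMDeploy: it audits a local HuggingFace checkpoint directory for the two signs that loading it would require trust_remote_code (an `auto_map` entry in config.json and loose `.py` files), and only returns `trust_remote_code=True` for checkpoints an operator has explicitly allow-listed by path. The sample config contents are constructed; the checkpoint directories are written to a temporary location for demonstration.

```python
import json
import os
import tempfile

# Constructed sample config.json contents (not taken from any real model repo).
PLAIN_CONFIG = {"model_type": "llama", "hidden_size": 16}
CUSTOM_CONFIG = {
    "model_type": "llama",
    "auto_map": {"AutoModelForCausalLM": "modeling_custom.CustomCausalLM"},
}

def audit_model_dir(model_dir):
    """Report whether loading this checkpoint would need trust_remote_code.
    Indicators: an 'auto_map' entry in config.json, which redirects the Auto*
    classes to repository-supplied modules, and loose .py files next to the
    weights."""
    auto_map = {}
    config_path = os.path.join(model_dir, "config.json")
    if os.path.isfile(config_path):
        with open(config_path, encoding="utf-8") as fh:
            auto_map = json.load(fh).get("auto_map") or {}
    py_files = sorted(f for f in os.listdir(model_dir) if f.endswith(".py"))
    return {"requires_remote_code": bool(auto_map or py_files),
            "auto_map": auto_map, "python_files": py_files}

def load_kwargs(model_dir, reviewed_dirs=frozenset()):
    """Keyword arguments a hardened wrapper passes to from_pretrained().
    trust_remote_code is never hardcoded True: it is enabled only for
    checkpoints an operator has reviewed and allow-listed by path."""
    report = audit_model_dir(model_dir)
    if not report["requires_remote_code"]:
        return {"trust_remote_code": False}
    if os.path.realpath(model_dir) in {os.path.realpath(d) for d in reviewed_dirs}:
        return {"trust_remote_code": True}
    raise PermissionError(f"{model_dir} ships custom code {report['auto_map']} "
                          f"{report['python_files']}; refusing to load unreviewed")

def build_demo_checkpoint(with_custom_code):
    """Write a constructed checkpoint directory for demonstration purposes."""
    model_dir = tempfile.mkdtemp(prefix="demo-ckpt-")
    cfg = CUSTOM_CONFIG if with_custom_code else PLAIN_CONFIG
    with open(os.path.join(model_dir, "config.json"), "w", encoding="utf-8") as fh:
        json.dump(cfg, fh)
    if with_custom_code:  # stand-in modeling file; its content is never executed
        with open(os.path.join(model_dir, "modeling_custom.py"), "w") as fh:
            fh.write("# custom modeling code would live here\n")
    return model_dir
```

A serving wrapper would call `load_kwargs()` and pass the result into `from_pretrained()`, so a checkpoint carrying custom code fails closed unless its path is on the reviewed list.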
Evidence notes
At time of publication, there are no publicly available patches.
Official resources
- CVE-2026-46432 CVE record (CVE.org)
- CVE-2026-46432 NVD detail (NVD)
- Source item URL: nvd_modified
- Source reference: CVE-2026-46432 was published on 2026-06-10T00:16:53.557Z and modified on 2026-06-10T20:19:06.020Z.