PatchSiren cyber security CVE debrief
CVE-2026-46517 InternLM CVE debrief
CVE-2026-46517 is a high-severity vulnerability in LMDeploy, an InternLM toolkit for compressing, deploying, and serving large language models. The vulnerability has a CVSS score of 7.8 and is classified as HIGH. It was published on 2026-06-10T00:16:53.827Z and modified on 2026-06-11T12:16:31.507Z. The vulnerability is caused by a hardcoded 'trust_remote_code=True', which enables Hugging Face (HF) supply-chain remote code execution without the user opting in. At the time of publication, no patch is publicly available. The CVE record is available at CVE.org, with further detail in the NVD entry, the source item, and a related security advisory (see Official resources below).
- Vendor: InternLM
- Product: lmdeploy
- CVSS: HIGH 7.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-10
- Original CVE updated: 2026-06-11
- Advisory published: 2026-06-10
- Advisory updated: 2026-06-11
Who should care
Users of LMDeploy, especially those who use it to deploy and serve large language models, should be aware of this vulnerability and take necessary precautions to mitigate the risk.
Technical summary
The vulnerability is caused by a hardcoded 'trust_remote_code=True' in LMDeploy versions 0.12.3 and prior. Because the value is fixed in the code rather than exposed as a setting, HF supply-chain remote code execution is enabled without any user opt-in.
Defensive priority
HIGH
Recommended defensive actions
- Users of LMDeploy should review their configurations and consider upgrading to a patched version when available.
- In the meantime, users can consider setting 'trust_remote_code=False' to mitigate the risk.
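The following audit script is an added example, not code from LMDeploy or the advisory. It walks the Python AST of a source file and reports every call that passes the literal 'trust_remote_code=True', which is the pattern this CVE describes; the sample sources and the 'ALLOW_REMOTE_CODE' environment variable in the safe variant are constructed for illustration.

```python
"""Audit Python source for hard-coded trust_remote_code=True keyword arguments.

Added example (not LMDeploy project code). A literal True means any model
repository the deployment loads can ship Python that runs at load time,
with no operator opt-in; an explicit, default-False setting is the fix.
"""
import ast
from typing import List, Tuple


def _call_name(func: ast.expr) -> str:
    """Render a call target such as AutoConfig.from_pretrained as text."""
    if isinstance(func, ast.Attribute):
        return f"{_call_name(func.value)}.{func.attr}"
    if isinstance(func, ast.Name):
        return func.id
    return ast.dump(func)


def find_hardcoded_trust(source: str, filename: str = "<constructed>") -> List[Tuple[str, int, str]]:
    """Return (filename, line, callee) for each call passing trust_remote_code=True as a literal."""
    findings: List[Tuple[str, int, str]] = []
    for node in ast.walk(ast.parse(source, filename=filename)):
        if not isinstance(node, ast.Call):
            continue
        for kw in node.keywords:
            if kw.arg == "trust_remote_code" and isinstance(kw.value, ast.Constant) and kw.value.value is True:
                findings.append((filename, node.lineno, _call_name(node.func)))
    return findings


# Constructed sample: the vulnerable pattern (hard-coded opt-in on every load).
SAMPLE_BAD = '''
from transformers import AutoTokenizer, AutoConfig
cfg = AutoConfig.from_pretrained(path, trust_remote_code=True)
tok = AutoTokenizer.from_pretrained(path, trust_remote_code=True)
'''

# Constructed sample: opt-in only through an explicit operator setting, default False.
# ALLOW_REMOTE_CODE is a hypothetical variable name chosen for this example.
SAMPLE_GOOD = '''
import os
from transformers import AutoConfig
allow = os.environ.get("ALLOW_REMOTE_CODE") == "1"
cfg = AutoConfig.from_pretrained(path, trust_remote_code=allow)
'''

if __name__ == "__main__":
    for name, src in (("bad.py", SAMPLE_BAD), ("good.py", SAMPLE_GOOD)):
        for fname, line, callee in find_hardcoded_trust(src, name):
            print(f"{fname}:{line}: hard-coded trust_remote_code=True in {callee}()")
```

Run it over a deployment's own code and wrappers; any hit in a code path that loads operator-supplied model repositories is the condition the advisory describes.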
Evidence notes
The vulnerability has a published CVE record and a corresponding NVD entry.
Official resources
- CVE-2026-46517 CVE record (CVE.org)
- CVE-2026-46517 NVD detail (NVD)
- Source item URL (nvd_modified)
- Source reference: CVE-2026-46517 was published on 2026-06-10T00:16:53.827Z and modified on 2026-06-11T12:16:31.507Z.