Browse all 4 CVE security advisories affecting InternLM. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Paused |
|---|---|---|---|---|
| CVE-2026-33626 | LMDeploy Vulnerable to Server-Side Request Forgery (SSRF) via Vision-Language Image Loading — lmdeployCWE-918 | 7.5 | High | 2026-04-20 |
| CVE-2025-67729 | lmdeploy vulnerable to Arbitrary Code Execution via Insecure Deserialization in torch.load() — lmdeployCWE-502 | 8.8 | High | 2025-12-26 |
| CVE-2025-3163 | InternLM LMDeploy conf.py open code injection — LMDeployCWE-94 | 5.3 | Medium | 2025-04-03 |
| CVE-2025-3162 | InternLM LMDeploy PT File utils.py load_weight_ckpt deserialization — LMDeployCWE-502 | 5.3 | Medium | 2025-04-03 |
This page lists every published CVE security advisory associated with InternLM. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.