A high-severity security flaw in LMDeploy, an open-source
toolkit for compressing, deploying, and serving LLMs, has come
under active exploitation in the wild less than 13 hours after its
public disclosure. The vulnerability, tracked as CVE-2026-33626
(CVSS score: 7.5), relates to a Server-Side Request Forgery (SSRF)
vulnerability that could be exploited to access sensitive data. "A
server-side
Read more https://thehackernews.com/2026/04/lmdeploy-cve-2026-33626-flaw-exploited.html
