ByteOS Network

CVE Vulnerability Details :

CVE-2026-46517

PUBLISHED

More Info Official Page

Assigner-GitHub_M

Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa

Published At-09 Jun, 2026 | 23:05

Updated At-09 Jun, 2026 | 23:05

▼CVE Numbering Authority (CNA)

LMDeploy: Hardcoded trust_remote_code=True is an implicit unsafe remote-code load path with no user opt-out

LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.12.3 and prior, hardcoded "trust_remote_code=True" enables HF supply-chain RCE without user opt-in. At time of publication, there are no publicly available patches.

Affected Products

Vendor

InternLM

Product

lmdeploy

Versions

Affected

<= 0.12.3

Problem Types

Type	CWE ID	Description
CWE	CWE-94	CWE-94: Improper Control of Generation of Code ('Code Injection')
CWE	CWE-915	CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes
CWE	CWE-1188	CWE-1188: Insecure Default Initialization of Resource

Type: CWE

CWE ID: CWE-94

Description: CWE-94: Improper Control of Generation of Code ('Code Injection')

Type: CWE

CWE ID: CWE-915

Description: CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes

Type: CWE

CWE ID: CWE-1188

Description: CWE-1188: Insecure Default Initialization of Resource

Metrics

Version	Base score	Base severity	Vector
3.1	7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Version: 3.1

Base score: 7.8

Base severity: HIGH

Vector:

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

Hyperlink	Resource
https://github.com/InternLM/lmdeploy/security/advisories/GHSA-9xq9-36w5-q796	x_refsource_CONFIRM

Hyperlink: https://github.com/InternLM/lmdeploy/security/advisories/GHSA-9xq9-36w5-q796

Resource:

x_refsource_CONFIRM

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References