CVE-2025-67729

Published: Dec 26, 2025Modified: Dec 31, 2025

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: security-advisories@github.com (Secondary)

Description

LMDeploy is a toolkit for compressing, deploying, and serving LLMs. Prior to version 0.11.1, an insecure deserialization vulnerability exists in lmdeploy where torch.load() is called without the weights_only=True parameter when loading model checkpoint files. This allows an attacker to execute arbitrary code on the victim's machine when they load a malicious .bin or .pt model file. This issue has been patched in version 0.11.1.

Affected (1)

Products: Internlm: Lmdeploy

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Internlm Lmdeploy	Before 0.11.1

Related CWEs

Deserialization of Untrusted Data

The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

References (3)

https://github.com/InternLM/lmdeploy/commit/eb04b4281c5784a5cff5ea639c8f96b33b3ae5ee

Source: security-advisories@github.com

Patch

https://github.com/InternLM/lmdeploy/security/advisories/GHSA-9pf3-7rrr-x5jh

Source: security-advisories@github.com

Vendor Advisory

https://github.com/InternLM/lmdeploy/security/advisories/GHSA-9pf3-7rrr-x5jh

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

Vendor Advisory

Timeline

No history available yet.