Llm

LMDeploy CVE-2026-33626: SSRF in LLM Inference Server Exploited 12 Hours After Disclosure, Honeypot Sees AWS IMDS Theft

A 7.5-severity SSRF in Shanghai AI Lab's LMDeploy LLM serving toolkit was hit in the wild within 12h31m of the GitHub advisory. Sysdig's honeypot caught an attacker using the vision-language image loader to scrape AWS instance metadata, then pivot to internal Redis and MySQL.