CVE-2025-67729
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-67729
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-67729.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-67729
- Aliases
- Published
- 2025-12-26T21:54:10.137Z
- Modified
- 2026-01-03T05:45:21.590682Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- lmdeploy vulnerable to Arbitrary Code Execution via Insecure Deserialization in torch.load()
- Details
-
LMDeploy is a toolkit for compressing, deploying, and serving LLMs. Prior to version 0.11.1, an insecure deserialization vulnerability exists in lmdeploy where torch.load() is called without the weights_only=True parameter when loading model checkpoint files. This allows an attacker to execute arbitrary code on the victim's machine when they load a malicious .bin or .pt model file. This issue has been patched in version 0.11.1.
- Database specific
{ "cwe_ids": [ "CWE-502" ], "cna_assigner": "GitHub_M", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/67xxx/CVE-2025-67729.json" }- References
Affected packages
Git / github.com/internlm/lmdeploy
Affected ranges
- Type
- GIT
- Repo
- https://github.com/internlm/lmdeploy
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
0.*
0.6.5
v0.*
v0.0.10
v0.0.11
v0.0.12
v0.0.13
v0.0.14
v0.0.2
v0.0.3
v0.0.4
v0.0.5
v0.0.6
v0.0.7
v0.0.8
v0.0.9
v0.1.0
v0.1.0a0
v0.1.0a1
v0.1.0a2
v0.10.0
v0.10.1
v0.10.2
v0.11.0
v0.2.0
v0.2.1
v0.2.2
v0.2.3
v0.2.4
v0.2.5
v0.2.6
v0.3.0
v0.4.0
v0.4.1
v0.4.2
v0.5.0
v0.5.1
v0.5.2
v0.5.2.post1
v0.5.3
v0.6.0
v0.6.0a0
v0.6.1
v0.6.2
v0.6.3
v0.6.4
v0.7.0
v0.7.0.post1
v0.7.0.post2
v0.7.0.post3
v0.7.1
v0.7.2
v0.7.2.post1
v0.8.0
v0.9.0
v0.9.1
v0.9.2