CVE-2025-67729 HIGH

CVE-2025-67729: lmdeploy vulnerable to Arbitrary Code Execution via Insecure Deserialization in torch.load()

Vendor Internlm
Product lmdeploy
Weakness CWE-502 · Unsafe deserialization
Published December 26, 2025
Last update December 26, 2025

CVSS base score

8.8/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality High
Integrity High
Availability High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

Description

LMDeploy is a toolkit for compressing, deploying, and serving LLMs. Prior to version 0.11.1, an insecure deserialization vulnerability exists in lmdeploy where torch.load() is called without the weights_only=True parameter when loading model checkpoint files. This allows an attacker to execute arbitrary code on the victim's machine when they load a malicious .bin or .pt model file. This issue has been patched in version 0.11.1.

Key dates

Disclosure timeline

December 26, 2025 CVE published
December 26, 2025 Record updated
