CVE-2026-33626: How attackers exploited LMDeploy LLM Inference Engines in 12 hours

ID: a3c59e8f-cc4c-5b3c-8feb-243c9fa01130

STIX ID: report--a3c59e8f-cc4c-5b3c-8feb-243c9fa01130

Feed Name: Sysdig Blog

Threat Score: 78/100

Date Published: 2026-04-22

Date Updated: 2026-05-01

Sysdig observed active exploitation of CVE-2026-33626, a server-side request forgery (SSRF) vulnerability in LMDeploy, within 12 hours and 31 minutes of the GHSA publication. An attacker used the image_url vision-LLM primitive to fetch AWS IMDS, probe loopback services (Redis, MySQL, admin HTTP), and validate egress via an out-of-band (OOB) DNS callback. The report includes a detailed exploitation timeline, target URLs and a source IP IOC (103.116.72.119), detection recommendations (application and host-layer alerts, Falco rules), and mitigations (upgrade to v0.12.3, enforce IMDSv2, restrict egress, rotate role credentials).
