19 matches found
CVE-2026-40086
Rembg is a tool to remove images background. Prior to 2.0.75, a path traversal vulnerability in the rembg HTTP server allows unauthenticated remote attackers to read arbitrary files from the server's filesystem. By sending a crafted request with a malicious modelpath parameter, an attacker can...
adversarial-attacks-white-black-box (=0.1.7), datagenkit (=0.1.1) +37 more potentially affected by unknown CVE via rembg (>=2.0.57 <=2.0.69)
rembg PYPI version =2.0.57, =0.0.3, =1.0.0, =1.9.2, =5.1.6, =2.12.0, =1.0.0, =0.1.0, =1.0.3, =0.0.7, =2.0.0, =1.0.0, =1.0.0, =1.0.4 and more Source cves: unknown CVE Source advisory: OSV:GHSA-55V6-G8PM-PW4C...
adversarial-attacks-white-black-box (=0.1.7), datagenkit (=0.1.1) +37 more potentially affected by unknown CVE via rembg (>=2.0.57 <=2.0.69)
rembg PYPI version =2.0.57, =0.0.3, =1.0.0, =1.9.2, =5.1.6, =2.12.0, =1.0.0, =0.1.0, =1.0.3, =0.0.7, =2.0.0, =1.0.0, =1.0.0, =1.0.4 and more Source cves: unknown CVE Source advisory: SNYK:PYTHON-REMBG-15990989...
adversarial-attacks-white-black-box (=0.1.7), datagenkit (=0.1.1) +37 more potentially affected by CVE-2026-40086 via rembg (>=2.0.57 <=2.0.69)
rembg PYPI version =2.0.57, =0.0.3, =1.0.0, =1.9.2, =5.1.6, =2.12.0, =1.0.0, =0.1.0, =1.0.3, =0.0.7, =2.0.0, =1.0.0, =1.0.0, =1.0.4 and more Source cves: CVE-2026-40086 Source advisory: OSV:GHSA-3WQJ-33CG-XC48...
adversarial-attacks-white-black-box (=0.1.7), datagenkit (=0.1.1) +37 more potentially affected by CVE-2026-40086 via rembg (>=2.0.57 <=2.0.69)
rembg PYPI version =2.0.57, =0.0.3, =1.0.0, =1.9.2, =5.1.6, =2.12.0, =1.0.0, =0.1.0, =1.0.3, =0.0.7, =2.0.0, =1.0.0, =1.0.0, =1.0.4 and more Source cves: CVE-2026-40086 Source advisory: SNYK:PYTHON-REMBG-15969263...
Rembg Security Vulnerability
Rembg is a tool developed by Daniel Gatis for deleting image backgrounds. Versions of Rembg prior to 2.0.75 contained security vulnerabilities, which were caused by insufficient validation of the HTTP server’s modelpath parameter, potentially allowing path traversal attacks...
Origin Validation Error
Rembg is vulnerable to Origin Validation Error. The vulnerability is due to improper CORS middleware configuration, which reflects all origins and sets allow_credentials to True, allowing any website to send authenticated cross-site requests to the Rembg server...
Server Side Request Forgery (SSRF)
Rembg is vulnerable to Server Side Request Forgery (SSRF). The vulnerability is due to insufficient validation of user-supplied URLs, allowing an attacker to request internal network resources via the /api/remove endpoint...
adversarial-attacks-white-black-box (=0.1.7) potentially affected by CVE-2025-25302 via rembg (=2.0.57)
rembg PYPI version =2.0.57 is affected by a known vulnerability. The following packages have a transitive dependency on rembg and may be impacted: - adversarial-attacks-white-black-box =0.1.7 Source cves: CVE-2025-25302 Source advisory: OSV:GHSA-59QH-FMM7-3G9Q...
adversarial-attacks-white-black-box (=0.1.7) potentially affected by CVE-2025-25301 via rembg (=2.0.57)
rembg PYPI version =2.0.57 is affected by a known vulnerability. The following packages have a transitive dependency on rembg and may be impacted: - adversarial-attacks-white-black-box =0.1.7 Source cves: CVE-2025-25301 Source advisory: OSV:GHSA-R5GX-C49X-H878...
GHSA-R5GX-C49X-H878 Rembg allows SSRF via /api/remove
Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the /api/remove endpoint takes a URL query parameter that allows an image to be fetched, processed and returned. An attacker may be able to query this endpoint to view pictures hosted on the internal network of the rembg...
Rembg allows SSRF via /api/remove
Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the /api/remove endpoint takes a URL query parameter that allows an image to be fetched, processed and returned. An attacker may be able to query this endpoint to view pictures hosted on the internal network of the rembg...
CVE-2025-25301
Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the /api/remove endpoint takes a URL query parameter that allows an image to be fetched, processed and returned. An attacker may be able to query this endpoint to view pictures hosted on the internal network of the rembg...
adversarial-attacks-white-black-box (=0.1.7), americodraws (>=0.1.0 <=0.1.5) +87 more potentially affected by CVE-2025-25302 via rembg (>=2.0.57 <=2.0.75)
rembg PYPI version =2.0.57, =0.1.0, =0.0.64, =0.3.3, =0.1.0, =0.1.0, =2.0.2, =0.0.1, =0.0.7 and more Source cves: CVE-2025-25302 Source advisory: SNYK:PYTHON-REMBG-9296365...
Origin Validation Error
Overview: rembg is a tool to remove image backgrounds. Affected versions of this package are vulnerable to Origin Validation Error in the add_middleware function in s_command.py, which reflects all origins by default. Due to the allow_credentials=True setting, an attacker can send authenticated cross-site...
CVE-2025-25302
Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the CORS middleware is setup incorrectly. All origins are reflected, which allows any website to send cross site requests to the rembg server and thus query any API. Even if authentication were to be enabled, allowcredentia...
adversarial-attacks-white-black-box (=0.1.7) potentially affected by CVE-2025-25301 via rembg (=2.0.57)
rembg PYPI version =2.0.57 is affected by a known vulnerability. The following packages have a transitive dependency on rembg and may be impacted: - adversarial-attacks-white-black-box =0.1.7 Source cves: CVE-2025-25301 Source advisory: OSV:PYSEC-2025-24...
CVE-2025-25301 Rembg allows SSRF via /api/remove
Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the /api/remove endpoint takes a URL query parameter that allows an image to be fetched, processed and returned. An attacker may be able to query this endpoint to view pictures hosted on the internal network of the rembg...
Rembg Access Control Error Vulnerability
Rembg is a tool for removing image backgrounds by the individual developer Daniel Gatis. An access control error vulnerability exists in Rembg version 2.0.57 and earlier, which stems from a misconfiguration of the CORS middleware that allows any website to send cross-site requests, potentially...