EUVD-2026-23737

A vulnerability has been found in ComfyUI up to 0.13.0. Affected by this vulnerability is the function getuserdata of the file app/usermanager.py of the component userdata Endpoint. Such manipulation leads to cross site scripting. The attack can be executed remotely. The exploit has been disclose...

CVE-2026-6590

ComfyUI (up to version 0.13.0) contains a path traversal vulnerability in the Model Preview Endpoint (get_model_preview in app/model_manager.py). The issue can be triggered remotely, and an exploit is publicly available. Impact details are described in the CVE entries, but remediation steps are n...

ComfyUI 安全漏洞

ComfyUI is the most powerful and modular diffusion model GUI and backend developed by comfyanonymous individuals. Versions of ComfyUI prior to 0.13.0 contain security vulnerabilities, which stem from improper handling of parameter names in the folderpaths.getannotatedfilepath function within fold...

EUVD-2025-18346

Malicious code in bioql PyPI...

EUVD-2025-18919

Malicious code in bioql PyPI...

EUVD-2025-18364

Malicious code in bioql PyPI...

CVE-2025-6092

A vulnerability was found in comfyanonymous comfyui up to 0.3.39. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /upload/image of the component Incomplete Fix CVE-2024-10099. The manipulation of the argument image leads to cross site...

CVE-2025-6107 comfyanonymous comfyui utils.py set_attr dynamically-determined object attributes

A vulnerability was found in comfyanonymous comfyui 0.3.40. It has been classified as problematic. Affected is the function setattr of the file /comfy/utils.py. The manipulation leads to dynamically-determined object attributes. It is possible to launch the attack remotely. The complexity of an...

CVE-2025-6107

CVE-2025-6107 affects comfyanonymous comfyui 0.3.40. The vulnerability is in the function set_attr of /comfy/utils.py, enabling manipulation of dynamically-determined object attributes. The issue can be triggered remotely with high attack complexity and no privileges required; PoC exploits have b...

CVE-2025-6092

A vulnerability was found in comfyanonymous comfyui up to 0.3.39. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /upload/image of the component Incomplete Fix CVE-2024-10099. The manipulation of the argument image leads to cross site...

CVE-2025-6092 comfyanonymous comfyui Incomplete Fix CVE-2024-10099 image cross site scripting

A vulnerability was found in comfyanonymous comfyui up to 0.3.39. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /upload/image of the component Incomplete Fix CVE-2024-10099. The manipulation of the argument image leads to cross site...

ComfyUI 代码注入漏洞

ComfyUI is one of the most powerful and modular diffusion model GUI and backend from comfyanonymous individual developers. A code injection vulnerability exists in ComfyUI version 0.3.39 and earlier, which stems from a cross-site scripting attack due to the incorrect manipulation of the parameter...

CVE-2024-12882 SSRF in comfyanonymous/comfyui

comfyanonymous/comfyui version v0.2.4 suffers from a non-blind Server-Side Request Forgery SSRF vulnerability. This vulnerability can be exploited by combining the REST APIs POST /internal/models/download and GET /view, allowing attackers to abuse the victim server's credentials to access...

CVE-2024-21576

ComfyUI-Bmad-Nodes is vulnerable to Code Injection. The issue stems from a validation bypass in the BuildColorRangeHSVAdvanced, FilterContour and FindContour custom nodes. In the entrypoint function to each node, there’s a call to eval which can be triggered by generating a workflow that injects ...

ComfyUI Cross-Site Scripting Vulnerability

ComfyUI is one of the most powerful and modular diffusion model GUI and backend for comfyanonymous individual developers. A cross-site scripting vulnerability exists in ComfyUI version 0.2.2 and prior versions, which can be exploited by an attacker to cause arbitrary JavaScript code to be execute...

CVE-2024-10099

A stored cross-site scripting XSS vulnerability exists in comfyanonymous/comfyui version 0.2.2 and possibly earlier. The vulnerability occurs when an attacker uploads an HTML file containing a malicious XSS payload via the /api/upload/image endpoint. The payload is executed when the file is viewe...

PT-2024-16025 · Comfyui · Comfyui

Name of the Vulnerable Software and Affected Versions: comfyanonymous/comfyui version 0.2.2 and possibly earlier Description: A stored cross-site scripting XSS issue exists, allowing an attacker to upload an HTML file with a malicious XSS payload via the "/api/upload/image" endpoint. The payload ...