38 matches found

ATTACKERKB
added 2026/05/14 4:26 p.m., 4 views

CVE-2026-44513

Diffusers is a library for pretrained diffusion models. Prior to 0.38.0, a `trust_remote_code` bypass in `DiffusionPipeline.from_pretrained` allows arbitrary remote code execution despite the user passing `trust_remote_code=False` or omitting it, which is the default. The vulnerability has three variant...

CVSS 8.8 | AI score 6.5 | EPSS 0.00041
Exploits 1 | References 2 | Affected Software 1
Cvelist
added 2026/05/14 4:26 p.m., 33 views

CVE-2026-44513 Diffusers: `trust_remote_code` bypass via `custom_pipeline` and local custom components

Diffusers is a library for pretrained diffusion models. Prior to 0.38.0, a `trust_remote_code` bypass in `DiffusionPipeline.from_pretrained` allows arbitrary remote code execution despite the user passing `trust_remote_code=False` or omitting it, which is the default. The vulnerability has three variant...

CVSS 8.8 | EPSS 0.00041
Exploits 1 | References 1
CNNVD
added 2026/05/14 12:00 a.m., 5 views

diffusers code injection vulnerability

Diffusers is an open-source diffusion model library developed by Hugging Face for generating images, audio, and 3D molecular structures. Versions of Diffusers prior to 0.38.0 contained a code injection vulnerability, which was caused by improper handling of the `custom_pipeline` parameter, potential...

CVSS 8.8 | AI score 6.1 | EPSS 0.0012
Exploits 1 | References 1
CNNVD
added 2026/05/14 12:00 a.m., 4 views

diffusers code injection vulnerability

diffusers is a generative model library for generating images, audio, and 3D molecular structures, open-sourced by Hugging Face. Versions of diffusers prior to 0.38.0 contained a code injection vulnerability, which was caused by a bypass of `trust_remote_code`, potentially allowing arbitrary remote...

CVSS 8.8 | AI score 6.3 | EPSS 0.00041
Exploits 1 | References 1
Github Security Blog
added 2026/05/07 5:31 a.m., 8 views

Diffusers has a `trust_remote_code` bypass via `custom_pipeline` and local custom components

Impact: A `trust_remote_code` bypass in `DiffusionPipeline.from_pretrained` allows arbitrary remote code execution despite the user passing `trust_remote_code=False` or omitting it, which is the default. The vulnerability has three variants, all sharing the same root cause — the `trust_remote_code` gate was...

CVSS 8.8 | AI score 6.6 | EPSS 0.00041
Exploits 1 | References 7 | Affected Software 1
vulnersOsv
added 2026/05/07 5:31 a.m., 3 views

aana (>=0.2.1 <=0.2.2), ace-step (=0.1.0) +227 more potentially affected by CVE-2026-44513 via diffusers (>=0.10.2 <=0.37.1)

diffusers PYPI version =0.10.2, =0.2.1, =1.8.20, =1.9.0, =0.0.0, =0.2.2, =0.0.2, =0.0.0, =0.1.0, =0.6.37, =0.0.4, =0.1.0, =0.1.0, =0.5.0 and more Source cves: CVE-2026-44513 Source advisory: OSV:GHSA-98H9-4798-4Q5V...

CVSS 8.8 | AI score 5.8 | EPSS 0.00041
Exploits 1
vulnersOsv
added 2026/05/07 2:24 a.m., 3 views

aana (>=0.2.1 <=0.2.2), ace-step (=0.1.0) +227 more potentially affected by CVE-2026-44513 +1 more via diffusers (>=0.10.2 <=0.37.1)

diffusers PYPI version =0.10.2, =0.2.1, =1.8.20, =1.9.0, =0.0.0, =0.2.2, =0.0.2, =0.0.0, =0.1.0, =0.6.37, =0.0.4, =0.1.0, =0.1.0, =0.5.0 and more Source cves: CVE-2026-44513, CVE-2026-44827 Source advisory: SNYK:PYTHON-DIFFUSERS-16439019...

CVSS 8.8 | AI score 5.8 | EPSS 0.0012
Exploits 2
Snyk
added 2026/05/07 2:24 a.m., 6 views

Arbitrary Code Injection

Overview: diffusers is a State-of-the-art diffusion in PyTorch and JAX. Affected versions of this package are vulnerable to Arbitrary Code Injection in the `from_pretrained` function when a repository contains a None.py file and the `custom_pipeline` argument is not supplied. An attacker can execute...

CVSS 8.8 | AI score 6.2 | EPSS 0.0012
Exploits 2 | References 2
RedhatCVE
added 2025/12/24 4:17 p.m., 1 view

CVE-2025-14922

A flaw was found in Hugging Face Diffusers. This vulnerability allows remote attackers to execute arbitrary code on affected installations. Exploitation requires user interaction, where a target must visit a malicious page or open a malicious file. The issue stems from improper validation of...

CVSS 7.8 | AI score 7.6 | EPSS 0.00415
Exploits 0 | References 4
Snyk
added 2025/12/23 9:51 p.m., 2 views

Deserialization of Untrusted Data

Overview: diffusers is a State-of-the-art diffusion in PyTorch and JAX. Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the parsing process. An attacker can execute arbitrary code by providing specially crafted data that is deserialized without proper...

CVSS 8.5 | AI score 7.6 | EPSS 0.00415
Exploits 0 | References 2
vulnersOsv
added 2025/12/23 9:51 p.m., 3 views

aana (>=0.2.1 <=0.2.2), abgrouponline (>=1.0.0 <=1.0.2) +573 more potentially affected by CVE-2025-14922 via diffusers (>=0.10.2 <=0.9.0)

diffusers PYPI version =0.10.2, =0.2.1, =1.0.0, =0.1.1, =0.2.1, =20260210.0.0, =0.2.14, =0.0.1, =0.0.3, =0.0.1, =1.8.20, =1.19.0 - ainothard =1.2.0 and more Source cves: CVE-2025-14922 Source advisory: SNYK:PYTHON-DIFFUSERS-14567485...

CVSS 7.8 | AI score 7.1 | EPSS 0.00415
Exploits 0
NVD
added 2025/12/23 9:15 p.m., 1 view

CVE-2025-14922

Hugging Face Diffusers CogView4 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Diffusers. User interaction is required to exploit this vulnerability in that the...

CVSS 7.8 | EPSS 0.00415
Exploits 0 | References 1
Vulnrichment
added 2025/12/23 9:05 p.m., 1 view

CVE-2025-14922 Hugging Face Diffusers CogView4 Deserialization of Untrusted Data Remote Code Execution Vulnerability

Hugging Face Diffusers CogView4 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Diffusers. User interaction is required to exploit this vulnerability in that the...

CVSS 7.8 | AI score 7.3 | EPSS 0.00415
Exploits 0 | References 1
CVE
added 2025/12/23 9:05 p.m., 6 views

CVE-2025-14922

CVE-2025-14922 describes a deserialization of untrusted data vulnerability in Hugging Face Diffusers CogView4. The flaw lies in parsing checkpoints where insufficient validation allows deserialization of untrusted data, enabling remote code execution in the target process. Exploitation requires u...

CVSS 7.8 | AI score 7.9 | EPSS 0.00415
Exploits 0 | References 1
Cvelist
added 2025/12/23 9:05 p.m., 21 views

CVE-2025-14922 Hugging Face Diffusers CogView4 Deserialization of Untrusted Data Remote Code Execution Vulnerability

Hugging Face Diffusers CogView4 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Diffusers. User interaction is required to exploit this vulnerability in that the...

CVSS 7.8 | EPSS 0.00415
Exploits 0 | References 1
CNNVD
added 2025/12/23 12:00 a.m., 4 views

Hugging Face Diffusers code issue vulnerability

Hugging Face Diffusers is a Python software library open-sourced by Hugging Face. A code issue vulnerability exists in Hugging Face Diffusers that stems from a lack of validation of user-supplied data when parsing checkpoints in CogView4, which could lead to deserialization of untrusted data and...

CVSS 7.8 | AI score 8 | EPSS 0.00415
Exploits 0 | References 1
Positive Technologies
added 2025/12/18 12:00 a.m., 2 views

PT-2025-52380

Name of the Vulnerable Software and Affected Versions: Hugging Face Diffusers, affected versions not specified. Description: A flaw exists in Hugging Face Diffusers related to the parsing of checkpoints, allowing remote attackers to execute arbitrary code on affected installations. The issue...

CVSS 7.8 | AI score 7.8 | EPSS 0.00415
Exploits 0 | References 4
Zero Day Initiative
added 2025/12/18 12:00 a.m., 2 views

(0Day) Hugging Face Diffusers CogView4 Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Diffusers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

CVSS 7.8 | AI score 7.3 | EPSS 0.00415
Exploits 0