CVE-2026-6593 | ComfyUI up to 0.13.0 View Endpoint server.py cross site scripting

Inserito da Angelo Barbosa | Apr 19, 2026 | CVE

A vulnerability identified as problematic has been detected in ComfyUI up to 0.13.0. Affected by this issue is some unknown functionality of the file server.py of the component View Endpoint. Performing a manipulation results in cross site scripting.

This vulnerability is reported as CVE-2026-6593. The attack is possible to be carried out remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-6593 | ComfyUI up to 0.13.0 View Endpoint server.py cross site scripting

Post correlati

CVE-2024-52973 | Elastic Kibana up to 7.17.22/8.14.1 /api/log_entries/summary allocation of resources

CVE-2025-5163 | yangshare 技术杨工 warehouseManager 仓库管理系统 1.0 access control

CVE-2024-30427 | Spiffy Calendar Plugin up to 4.9.7 on WordPress cross site scripting

CVE-2024-27711 | Eskooly Free Online School Management Software up to 3.0 Sign Up Privilege Escalation