Browse all 5 CVE security advisories affecting comfyanonymous. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Comfyanonymous develops security-focused software with a core use case in providing privacy-preserving communication tools. Historically, the project has been associated with vulnerabilities including remote code execution, cross-site scripting, and privilege escalation issues. The software has demonstrated security characteristics emphasizing anonymity but has faced incidents where improper input validation led to exploitable flaws. With five CVEs on record, these vulnerabilities typically stem from insufficient sanitization of user inputs and insecure default configurations. The project's security posture reflects ongoing challenges in balancing functionality with robust protection against common web application threats while maintaining its core privacy objectives.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-12882 | SSRF in comfyanonymous/comfyui — comfyanonymous/comfyuiCWE-918 | 9.1 | - | 2025-03-20 |
| CVE-2024-10481 | Cross-Site Request Forgery (CSRF) in comfyanonymous/comfyui — comfyanonymous/comfyuiCWE-352 | 8.8 | - | 2025-03-20 |
| CVE-2024-10099 | Stored XSS in comfyanonymous/comfyui — comfyanonymous/comfyuiCWE-79 | 5.4AI | MediumAI | 2024-10-17 |
This page lists every published CVE security advisory associated with comfyanonymous. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.