CVE-2026-44513

Hugging Face · Diffusers

The Hugging Face Diffusers library is susceptible to a code injection vulnerability, allowing remote attackers to execute arbitrary code through malicious model inputs.

Executive summary

A critical code injection vulnerability in the Hugging Face Diffusers library could allow unauthenticated attackers to execute arbitrary code, threatening the security of environments running diffusion models.

Vulnerability

This vulnerability is classified as CWE-94: Improper Control of Generation of Code. An unauthenticated attacker can leverage this flaw to inject and execute arbitrary code by supplying crafted inputs to the library.

Business impact

The vulnerability carries a CVSS score of 8.8, reflecting its potential for total impact on confidentiality, integrity, and availability. Exploitation could allow attackers to gain control over systems utilizing the library, potentially leading to the theft of proprietary models or unauthorized access to underlying infrastructure.

Remediation

Immediate Action: Update the diffusers package via PyPI to version 0.38.0 or later.

Proactive Monitoring: Review application logs for anomalous execution patterns when processing external model files or untrusted user inputs.

Compensating Controls: Ensure that the library runs with the principle of least privilege, restricting its ability to execute system-level commands or access sensitive files.

Exploitation status

Public Exploit Available: Unknown

Analyst recommendation

Given the high CVSS score and the potential for remote code execution, organizations should treat this update with high priority. Apply the patch to all environments where the Diffusers library is deployed to mitigate the risk of unauthorized system access.