CVE-2026-44513
Hugging Face · Diffusers
The Hugging Face Diffusers library is susceptible to a code injection vulnerability, allowing remote attackers to execute arbitrary code through malicious model inputs.
Executive summary
A critical code injection vulnerability in the Hugging Face Diffusers library could allow unauthenticated attackers to execute arbitrary code, threatening the security of environments running diffusion models.
Vulnerability
This vulnerability is classified as CWE-94: Improper Control of Generation of Code. An unauthenticated attacker can leverage this flaw to inject and execute arbitrary code by supplying crafted inputs to the library.
Business impact
The vulnerability carries a CVSS score of 8.8, reflecting its potential for total impact on confidentiality, integrity, and availability. Exploitation could allow attackers to gain control over systems utilizing the library, potentially leading to the theft of proprietary models or unauthorized access to underlying infrastructure.
Remediation
Immediate Action: Update the diffusers package via PyPI to version 0.38.0 or later.
Proactive Monitoring: Review application logs for anomalous execution patterns when processing external model files or untrusted user inputs.
Compensating Controls: Ensure that the library runs with the principle of least privilege, restricting its ability to execute system-level commands or access sensitive files.
Exploitation status
Public Exploit Available: Unknown
Analyst recommendation
Given the high CVSS score and the potential for remote code execution, organizations should treat this update with high priority. Apply the patch to all environments where the Diffusers library is deployed to mitigate the risk of unauthorized system access.