CVE-2026-6591 in ComfyUI

Summary

by MITRE • 04/20/2026

A flaw has been found in ComfyUI up to 0.13.0. The affected function is folder_paths.get_annotated_filepath in the file folder_paths.py, part of the LoadImage Node component. Manipulation of the argument Name leads to path traversal. The attack can be launched remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.


Analysis

by VulDB Data Team • 05/18/2026

The vulnerability identified in ComfyUI version 0.13.0 is a critical path traversal flaw in the folder_paths.get_annotated_filepath function in folder_paths.py, reachable through the LoadImage Node component. It stems from insufficient validation of the name argument: user-supplied input reaches file system operations without proper sanitization, so an attacker can craft a value that navigates beyond the intended directory and reaches other files on the system. The issue is classified as CWE-22 Path Traversal and CWE-77 Path Traversal in the Common Weakness Enumeration catalog, which treats path traversal as a persistent security risk in software systems.

The operational impact is greatest in remote exploitation scenarios, where an attacker can use the traversal flaw to read arbitrary files accessible to the ComfyUI process. A published exploit already exists, so the weakness can be targeted without special privileges or advanced technical skill, which makes it particularly dangerous. Because the LoadImage Node is a common entry point in ComfyUI workflows, the vulnerable code is reached through the ordinary image loading operations that many users perform regularly. Depending on the privileges of the ComfyUI process, configuration files, source code, or other sensitive data could be exposed.

Security practitioners should immediately implement mitigations, starting with validation and sanitization of every user-supplied parameter before it reaches file system functions. The recommended approach is strict path validation that rejects any input containing directory traversal sequences such as .. or \. A substring filter on its own is not sufficient, since an absolute path contains no traversal sequence at all; the resolved path should also be checked to lie within the intended base directory. In addition, the ComfyUI process should run with least privilege and behind proper access controls to limit the damage of a successful exploit. Network segmentation and monitoring for unusual file access patterns are further measures to consider. This vulnerability demonstrates the importance of input validation in web applications and highlights the risks of file system operations in development environments. The lack of vendor response despite early notification underscores the need for organizations to maintain independent security assessments and deploy defensive measures proactively. The ATT&CK framework categorizes this type of vulnerability under T1059 Command and Scripting Interpreter and T1566 Phishing, as attackers can use such flaws to establish persistent access to target systems and escalate privileges through system reconnaissance.
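The containment check recommended above, written as an added Python example that is not ComfyUI's or VulDB's code. It accepts the "name [input]" style of annotated filename the advisory refers to and confines the result to a per-annotation base directory; the annotation names, the directory layout, and the helper names are assumptions, and the weak substring filter is included only to show what it misses.

```python
import os
from typing import Optional

# Constructed example, not ComfyUI's own code. The "[input]/[output]/[temp]"
# annotation style and the directory layout below are assumptions.
BASE_DIRS = {
    "input": "/srv/comfy/input",
    "output": "/srv/comfy/output",
    "temp": "/srv/comfy/temp",
}


def split_annotation(name: str):
    """Split 'file.png [output]' into ('file.png', 'output'); default is 'input'."""
    base, sep, rest = name.rpartition(" [")
    if sep and rest.endswith("]"):
        return base, rest[:-1]
    return name, "input"


def naive_filter_passes(name: str) -> bool:
    """A bare '..' substring check: blocks '../x' but lets '/etc/passwd' through."""
    return ".." not in name


def safe_annotated_filepath(name: str) -> Optional[str]:
    """Resolve an annotated filename and confine it to its base directory.

    Returns the absolute path if it stays inside the base directory, else None.
    The containment test runs on the normalized path, not the raw string, so
    '..' segments, absolute paths, and Windows backslashes are all covered.
    """
    filename, annotation = split_annotation(name)
    base_dir = BASE_DIRS.get(annotation)
    if base_dir is None:
        return None
    # os.path.join drops base_dir when filename is absolute; realpath then
    # collapses '..' and symlinks so the commonpath test below is meaningful.
    root = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(root, filename))
    try:
        inside = os.path.commonpath([root, candidate]) == root
    except ValueError:  # e.g. different drives on Windows
        inside = False
    if not inside or candidate == root:
        return None
    return candidate
```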

Responsible: VulDB

Disclosure: 04/20/2026

Moderation: accepted

CPE: ready

Exploit: download available

EPSS: 0.00051

KEV: no

Activities: very low
