Package impact
PyPI / diffusers
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-44827 | high | 8.8 | 8.8 | 14d ago | Diffusers is the a library for pretrained diffusion models. Prior to 0.38.0, diffusers 0.37.0 allows remote code execution without the trust_remote_code=True safeguard when loading pipelines from Hu… | |
| CVE-2026-44513 | high | 8.8 | 8.8 | 14d ago | Diffusers is the a library for pretrained diffusion models. Prior to 0.38.0, a trust_remote_code bypass in DiffusionPipeline.from_pretrained allows arbitrary remote code execution despite the user p… | |
| CVE-2026-45804 | high | — | 8.0 | 8d ago | Diffusers: TOCTOU Trust Remote Code Bypass |