CVE-2025-67303
Published: 05 January 2026
Summary
CVE-2025-67303 is a high-severity Unprotected Alternate Channel (CWE-420) vulnerability in Comfy Comfyui-Manager. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 24.2% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
This vulnerability is AI-related — categorised as LLM Application Platforms; in the Supply Chain and Deployment risk domain.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and CM-12 (Information Location).
Deeper analysis
ComfyUI-Manager versions prior to 3.38 contain a vulnerability tracked as CVE-2025-67303 and CWE-420, in which the application stores configuration and critical data files in a location that remains accessible through the web interface. The flaw received a CVSS 7.5 rating reflecting network attack vector, low complexity, and no required authentication or user interaction, resulting in high integrity impact without confidentiality or availability effects.
Unauthenticated remote attackers can therefore reach and alter these files directly over the network, enabling manipulation of the manager's configuration and other sensitive data stored by the application.
The referenced migration documentation and commit for version 3.38 describe the corrective steps, including relocation of user data to a properly protected directory and associated configuration changes required after upgrading.
EPSS for the CVE rose from a low baseline to a recorded peak of 0.0167, indicating that exploitation interest increased after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-0815
Vulnerability details
An issue in ComfyUI-Manager prior to version 3.38 allowed remote attackers to potentially manipulate its configuration and critical data. This was due to the application storing its files in an insufficiently protected location that was accessible via the web interface
- CWE(s)
AI Security AnalysisAI
- AI Category
- LLM Application Platforms
- Risk Domain
- Supply Chain and Deployment
- OWASP Top 10 for LLMs 2025
- None mapped
- Classification Reason
- Matched keywords: comfyui
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Direct remote unauthenticated file manipulation via exposed web-accessible storage in a public-facing application.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Enforces approved authorizations for access to system resources like configuration files, directly preventing unauthorized web interface manipulation.
Requires identification and protection of critical information locations, such as configuration files stored in web-accessible directories.
Mandates secure configuration settings for applications to restrict web interface access to sensitive file storage locations.