CVE-2026-13493

LOW SEVERITY

CVSS Score & Metrics

Base Score

3.1 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N                                    

Vulnerability Description

A flaw has been found in AIDC-AI ComfyUI-Copilot up to 2.0.28. This issue affects some unknown processing of the file backend/controller/conversation_api.py of the component Workflow Checkpoint Restore Handler. Executing a manipulation can lead to improper control of resource identifiers. The attack may be performed from remote. A high complexity level is associated with this attack. The exploitability is assessed as difficult. The exploit has been published and may be used. The pull request to fix this issue awaits acceptance.

Vulnerability Details

Published Date

June 28, 2026

Last Modified

June 28, 2026

CWE ID

CWE-99

Source

NVD

Vendor

AIDC-AI

Product

ComfyUI-Copilot

External References

https://github.com/AIDC-AI/ComfyUI-Copilot/
https://github.com/AIDC-AI/ComfyUI-Copilot/issues/149
https://github.com/AIDC-AI/ComfyUI-Copilot/pull/150
https://vuldb.com/cve/CVE-2026-13493
https://vuldb.com/submit/838497
https://vuldb.com/vuln/374489
https://vuldb.com/vuln/374489/cti

CVE-2026-13493

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment