Executive Summary

This vulnerability is a flaw in ComfyUI up to version 0.13.0, specifically in the function folder_paths.get_annotated_filepath within the file folder_paths.py of the LoadImage Node component.

The issue arises from manipulation of the argument 'Name' which leads to a path traversal vulnerability. This means an attacker can craft input to access files and directories outside the intended scope.

The vulnerability can be exploited remotely, and an exploit has already been published.

Useful 0 Not Useful 0

Compliance Impact

CVE-2026-6591 allows unauthenticated remote attackers to perform arbitrary file existence checks and exfiltrate image files from the affected ComfyUI server. This can lead to unauthorized access to sensitive data stored on the server.

Such unauthorized data exposure and potential leakage can negatively impact compliance with data protection regulations and standards like GDPR and HIPAA, which require safeguarding personal and sensitive information against unauthorized access and disclosure.

Specifically, the vulnerability enables attackers to bypass input validation and path restrictions, potentially exposing confidential files, which could result in violations of confidentiality and data protection requirements mandated by these regulations.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability can be detected by attempting to probe arbitrary file existence and exfiltrate image files via the `/prompt` API of ComfyUI. An attacker can send crafted POST requests to the `/prompt` endpoint with payloads specifying path traversal filenames to check if files exist on the server.

A proof of concept (PoC) bash script demonstrates detection by:

• Clearing cache
• Sending a POST request to probe for the existence of `/etc/passwd`
• Sending a POST request to probe a non-existent file to observe different HTTP status codes
• Attempting to exfiltrate an image file from a known location (e.g., `/tmp/secret_image.png`) via chaining `LoadImage` and `PreviewImage` nodes

The server responds with HTTP 200 if the file exists and HTTP 400 if it does not, allowing detection by observing these response codes.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability allows an attacker to perform path traversal, potentially accessing unauthorized files on the system where ComfyUI is running.

Since the exploit can be executed remotely, it increases the risk of unauthorized data exposure or manipulation.

However, the CVSS scores indicate a relatively low severity, with limited impact on confidentiality and no impact on integrity or availability.

Useful 0 Not Useful 0

Mitigation Strategies

To mitigate the CVE-2026-6591 vulnerability, immediate steps include restricting or disabling access to the vulnerable `/prompt` API endpoint to prevent unauthenticated remote exploitation.

Implement strict input validation and path containment checks on any user-supplied file paths to ensure they cannot escape the intended directory.

If possible, restrict network access to the ComfyUI service to trusted users only, reducing exposure to unauthenticated attackers.

Monitor and audit server logs for suspicious requests attempting path traversal patterns.

Since no patched versions are available at the time of the report, consider applying custom patches or workarounds to the vulnerable functions, such as enforcing directory confinement in `get_annotated_filepath`.

Useful 0 Not Useful 0