CVE-2024-31462: stable-diffusion-webui is a web interface for Stable Diffusion, implemented using Gradio library. Stable-diffusion-webui
Summary
Stable-diffusion-webui version 1.7.0 has a vulnerability where user input from the Backup/Restore tab is not properly validated before being used to create file paths, allowing attackers to write JSON files to arbitrary locations on Windows systems where the web server has access. This is a limited file write vulnerability (a security flaw that lets attackers create or modify files in unintended locations) that could let an attacker place malicious files on the server.
Vulnerability Details
6.3 (medium)
EPSS: 0.2%
Related Issues
CVE-2022-21727: Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `Dequantize` is vulne
CVE-2026-22252: LibreChat is a ChatGPT clone with additional features. Prior to v0.8.2-rc2, LibreChat's MCP stdio transport accepts arbi
Original source: https://nvd.nist.gov/vuln/detail/CVE-2024-31462
First tracked: February 15, 2026 at 08:47 PM
Classified by LLM (prompt v3) · confidence: 92%