CVE-2025-67303

HIGH NUCLEI

ComfyUI-Manager <3.38 - Info Disclosure

Title source: llm

Description

An issue in ComfyUI-Manager prior to version 3.38 allowed remote attackers to potentially manipulate its configuration and critical data. This was due to the application storing its files in an insufficiently protected location that was accessible via the web interface.

Exploits (6)

nomisec WORKING POC
by Remnant-DB · poc
https://github.com/Remnant-DB/CVE-2025-67303
nomisec WORKING POC
by materaj2 · poc
https://github.com/materaj2/exploit_cve_2025_67303
nomisec STUB
by ExploreUnknowed · poc
https://github.com/ExploreUnknowed/CVE-2025-67303
nomisec TROJAN
by maybe-O · poc
https://github.com/maybe-O/CVE-2025-67303
nomisec STUB
by joker-xiaoyan · poc
https://github.com/joker-xiaoyan/CVE-2025-67303

Nuclei Templates (1)

ComfyUI-Manager < 3.38 - Configuration Overwrite
CRITICAL VERIFIED
by maciejklimek
Shodan: http.title:"ComfyUI"

Scores

CVSS v3: 7.5
EPSS: 0.0167
EPSS Percentile: 82.2%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

CWE: CWE-420
Status: published
Products (1)
comfy/comfyui-manager < 3.38
Published: Jan 05, 2026
Tracked Since: Feb 18, 2026