HIGH 7.5 PyPI
GHSA-7wx4-6vff-v64p · CVE-2026-45804 Diffusers: TOCTOU Trust Remote Code Bypass
Modified: 6/8/2026
package
PyPI / diffusers
pkg:pypi/diffusers
HIGH 8.8 PyPI
GHSA-98h9-4798-4q5v · CVE-2026-44513, PYSEC-2026-40 Diffusers has a `trust_remote_code` bypass via `custom_pipeline` and local custom components
Modified: 6/5/2026
HIGH 8.8 PyPI
PYSEC-2026-40 · CVE-2026-44513, GHSA-98h9-4798-4q5v Modified: 5/20/2026
HIGH 8.8 PyPI
PYSEC-2026-41 · CVE-2026-44827, GHSA-j7w6-vpvq-j3gm Modified: 5/20/2026