{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49669?format=json","vulnerability_id":"VCID-cuuh-yk7d-ufc4","summary":"ComfyUI-Manager is Vulnerable to CRLF Injection in Configuration Handler\n**Vulnerability Type**: CRLF Injection via ConfigParser\n\nAn attacker can inject special characters into HTTP query parameters to add arbitrary configuration values to the `config.ini` file. This can lead to security setting tampering or modification of application behavior.\n\n**Affected Users**: Users running ComfyUI-Manager in environments where ComfyUI is configured with the `--listen` option to allow remote access.\n\n**CVSS Score**: 7.5 (High)","aliases":[{"alias":"CVE-2026-22777"},{"alias":"GHSA-562r-8445-54r2"}],"fixed_packages":[],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/931131?format=json","purl":"pkg:pypi/comfy-cli@0.0.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.8"},{"url":"http://public2.vulnerablecode.io/api/packages/931132?format=json","purl":"pkg:pypi/comfy-cli@0.0.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.9"},{"url":"http://public2.vulnerablecode.io/api/packages/931133?format=json","purl":"pkg:pypi/comfy-cli@0.0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.10"},{"url":"http://public2.vulnerablecode.io/api/packages/931134?format=json","purl":"pkg:pypi/comfy-cli@0.0.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.11"},{"url":"http://public2.vulnerablecode.io/api/packages/931135?format=json","purl":"pkg:pypi/comfy-cli@0.0.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.12"},{"url":"http://public2.vulnerablecode.io/api/packages/931136?format=json","purl":"pkg:pypi/comfy-cli@0.0.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.13"},{"url":"http://public2.vulnerablecode.io/api/packages/931137?format=json","purl":"pkg:pypi/comfy-cli@0.0.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.14"},{"url":"http://public2.vulnerablecode.io/api/packages/931138?format=json","purl":"pkg:pypi/comfy-cli@0.0.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.15"},{"url":"http://public2.vulnerablecode.io/api/packages/931139?format=json","purl":"pkg:pypi/comfy-cli@0.0.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.16"},{"url":"http://public2.vulnerablecode.io/api/packages/931140?format=json","purl":"pkg:pypi/comfy-cli@0.0.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.17"},{"url":"http://public2.vulnerablecode.io/api/packages/931141?format=json","purl":"pkg:pypi/comfy-cli@0.0.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.18"},{"url":"http://public2.vulnerablecode.io/api/packages/931142?format=json","purl":"pkg:pypi/comfy-cli@0.0.19","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.19"},{"url":"http://public2.vulnerablecode.io/api/packages/931143?format=json","purl":"pkg:pypi/comfy-cli@0.0.20.dev0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.20.dev0"},{"url":"http://public2.vulnerablecode.io/api/packages/931144?format=json","purl":"pkg:pypi/comfy-cli@0.0.20.dev1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.20.dev1"},{"url":"http://public2.vulnerablecode.io/api/packages/931145?format=json","purl":"pkg:pypi/comfy-cli@0.0.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.20"},{"url":"http://public2.vulnerablecode.io/api/packages/931146?format=json","purl":"pkg:pypi/comfy-cli@0.0.21.dev0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.21.dev0"},{"url":"http://public2.vulnerablecode.io/api/packages/931147?format=json","purl":"pkg:pypi/comfy-cli@0.0.21.dev1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.21.dev1"},{"url":"http://public2.vulnerablecode.io/api/packages/931148?format=json","purl":"pkg:pypi/comfy-cli@0.0.21.dev2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.21.dev2"},{"url":"http://public2.vulnerablecode.io/api/packages/931149?format=json","purl":"pkg:pypi/comfy-cli@0.0.21.dev3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.21.dev3"},{"url":"http://public2.vulnerablecode.io/api/packages/931150?format=json","purl":"pkg:pypi/comfy-cli@0.0.21.dev4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.21.dev4"},{"url":"http://public2.vulnerablecode.io/api/packages/931151?format=json","purl":"pkg:pypi/comfy-cli@0.0.21.dev8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.21.dev8"},{"url":"http://public2.vulnerablecode.io/api/packages/931152?format=json","purl":"pkg:pypi/comfy-cli@0.0.21.dev9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.21.dev9"},{"url":"http://public2.vulnerablecode.io/api/packages/931153?format=json","purl":"pkg:pypi/comfy-cli@0.0.21.dev13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.21.dev13"},{"url":"http://public2.vulnerablecode.io/api/packages/931154?format=json","purl":"pkg:pypi/comfy-cli@0.0.21.dev14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.21.dev14"},{"url":"http://public2.vulnerablecode.io/api/packages/931155?format=json","purl":"pkg:pypi/comfy-cli@0.0.21","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.21"},{"url":"http://public2.vulnerablecode.io/api/packages/931156?format=json","purl":"pkg:pypi/comfy-cli@0.0.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.22"},{"url":"http://public2.vulnerablecode.io/api/packages/931157?format=json","purl":"pkg:pypi/comfy-cli@0.0.23","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.23"},{"url":"http://public2.vulnerablecode.io/api/packages/931158?format=json","purl":"pkg:pypi/comfy-cli@0.0.24","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.24"},{"url":"http://public2.vulnerablecode.io/api/packages/931159?format=json","purl":"pkg:pypi/comfy-cli@0.0.25","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.25"},{"url":"http://public2.vulnerablecode.io/api/packages/931160?format=json","purl":"pkg:pypi/comfy-cli@0.0.26","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.26"},{"url":"http://public2.vulnerablecode.io/api/packages/931161?format=json","purl":"pkg:pypi/comfy-cli@0.0.28","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.28"},{"url":"http://public2.vulnerablecode.io/api/packages/931162?format=json","purl":"pkg:pypi/comfy-cli@0.0.29","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.29"},{"url":"http://public2.vulnerablecode.io/api/packages/931163?format=json","purl":"pkg:pypi/comfy-cli@0.0.31","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.31"},{"url":"http://public2.vulnerablecode.io/api/packages/931164?format=json","purl":"pkg:pypi/comfy-cli@0.0.32","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@0.0.32"},{"url":"http://public2.vulnerablecode.io/api/packages/931165?format=json","purl":"pkg:pypi/comfy-cli@1.0.32","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.0.32"},{"url":"http://public2.vulnerablecode.io/api/packages/931166?format=json","purl":"pkg:pypi/comfy-cli@1.0.33","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.0.33"},{"url":"http://public2.vulnerablecode.io/api/packages/931167?format=json","purl":"pkg:pypi/comfy-cli@1.0.34","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.0.34"},{"url":"http://public2.vulnerablecode.io/api/packages/931168?format=json","purl":"pkg:pypi/comfy-cli@1.0.35","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.0.35"},{"url":"http://public2.vulnerablecode.io/api/packages/931169?format=json","purl":"pkg:pypi/comfy-cli@1.0.36","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.0.36"},{"url":"http://public2.vulnerablecode.io/api/packages/931170?format=json","purl":"pkg:pypi/comfy-cli@1.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/931171?format=json","purl":"pkg:pypi/comfy-cli@1.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/931172?format=json","purl":"pkg:pypi/comfy-cli@1.1.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.1.2"},{"url":"http://public2.vulnerablecode.io/api/packages/931173?format=json","purl":"pkg:pypi/comfy-cli@1.1.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.1.3"},{"url":"http://public2.vulnerablecode.io/api/packages/931174?format=json","purl":"pkg:pypi/comfy-cli@1.1.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.1.4"},{"url":"http://public2.vulnerablecode.io/api/packages/931175?format=json","purl":"pkg:pypi/comfy-cli@1.1.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.1.5"},{"url":"http://public2.vulnerablecode.io/api/packages/931176?format=json","purl":"pkg:pypi/comfy-cli@1.1.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.1.6"},{"url":"http://public2.vulnerablecode.io/api/packages/931177?format=json","purl":"pkg:pypi/comfy-cli@1.1.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.1.7"},{"url":"http://public2.vulnerablecode.io/api/packages/931178?format=json","purl":"pkg:pypi/comfy-cli@1.1.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.1.8"},{"url":"http://public2.vulnerablecode.io/api/packages/931179?format=json","purl":"pkg:pypi/comfy-cli@1.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/931180?format=json","purl":"pkg:pypi/comfy-cli@1.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/931181?format=json","purl":"pkg:pypi/comfy-cli@1.2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.2.2"},{"url":"http://public2.vulnerablecode.io/api/packages/931182?format=json","purl":"pkg:pypi/comfy-cli@1.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/931183?format=json","purl":"pkg:pypi/comfy-cli@1.2.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.2.4"},{"url":"http://public2.vulnerablecode.io/api/packages/931184?format=json","purl":"pkg:pypi/comfy-cli@1.2.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.2.5"},{"url":"http://public2.vulnerablecode.io/api/packages/931185?format=json","purl":"pkg:pypi/comfy-cli@1.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/931186?format=json","purl":"pkg:pypi/comfy-cli@1.2.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.2.7"},{"url":"http://public2.vulnerablecode.io/api/packages/931187?format=json","purl":"pkg:pypi/comfy-cli@1.2.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.2.8"},{"url":"http://public2.vulnerablecode.io/api/packages/931188?format=json","purl":"pkg:pypi/comfy-cli@1.2.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.2.9"},{"url":"http://public2.vulnerablecode.io/api/packages/931189?format=json","purl":"pkg:pypi/comfy-cli@1.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/931190?format=json","purl":"pkg:pypi/comfy-cli@1.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/931191?format=json","purl":"pkg:pypi/comfy-cli@1.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.3.2"},{"url":"http://public2.vulnerablecode.io/api/packages/931192?format=json","purl":"pkg:pypi/comfy-cli@1.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.3.3"},{"url":"http://public2.vulnerablecode.io/api/packages/931193?format=json","purl":"pkg:pypi/comfy-cli@1.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.3.4"},{"url":"http://public2.vulnerablecode.io/api/packages/931194?format=json","purl":"pkg:pypi/comfy-cli@1.3.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.3.5"},{"url":"http://public2.vulnerablecode.io/api/packages/931195?format=json","purl":"pkg:pypi/comfy-cli@1.3.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.3.6"},{"url":"http://public2.vulnerablecode.io/api/packages/931196?format=json","purl":"pkg:pypi/comfy-cli@1.3.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.3.7"},{"url":"http://public2.vulnerablecode.io/api/packages/931197?format=json","purl":"pkg:pypi/comfy-cli@1.3.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.3.8"},{"url":"http://public2.vulnerablecode.io/api/packages/931198?format=json","purl":"pkg:pypi/comfy-cli@1.3.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.3.9"},{"url":"http://public2.vulnerablecode.io/api/packages/931199?format=json","purl":"pkg:pypi/comfy-cli@1.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.4.0"},{"url":"http://public2.vulnerablecode.io/api/packages/931200?format=json","purl":"pkg:pypi/comfy-cli@1.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.4.1"},{"url":"http://public2.vulnerablecode.io/api/packages/931201?format=json","purl":"pkg:pypi/comfy-cli@1.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.5.0"},{"url":"http://public2.vulnerablecode.io/api/packages/931202?format=json","purl":"pkg:pypi/comfy-cli@1.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/931203?format=json","purl":"pkg:pypi/comfy-cli@1.5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.5.2"},{"url":"http://public2.vulnerablecode.io/api/packages/931204?format=json","purl":"pkg:pypi/comfy-cli@1.5.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.5.3"},{"url":"http://public2.vulnerablecode.io/api/packages/931205?format=json","purl":"pkg:pypi/comfy-cli@1.5.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@1.5.4"},{"url":"http://public2.vulnerablecode.io/api/packages/73320?format=json","purl":"pkg:pypi/comfy-cli@4.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@4.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/514617?format=json","purl":"pkg:pypi/comfy-cli@4.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cuuh-yk7d-ufc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/comfy-cli@4.0.4"}],"references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22777","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04251","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.0426","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04262","published_at":"2026-06-05T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00905","published_at":"2026-06-09T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00982","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22777"},{"reference_url":"https://github.com/Comfy-Org/ComfyUI-Manager","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/Comfy-Org/ComfyUI-Manager"},{"reference_url":"https://github.com/Comfy-Org/ComfyUI-Manager/commit/ef8703a3d7ab4e6ecda8f96e0c5816c23d1cb262","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/Comfy-Org/ComfyUI-Manager/commit/ef8703a3d7ab4e6ecda8f96e0c5816c23d1cb262"},{"reference_url":"https://github.com/Comfy-Org/ComfyUI-Manager/commit/f4fa394e0f03b013f1068c96cff168ad10bd0410","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-12T13:22:21Z/"}],"url":"https://github.com/Comfy-Org/ComfyUI-Manager/commit/f4fa394e0f03b013f1068c96cff168ad10bd0410"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-22777","reference_id":"CVE-2026-22777","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-22777"},{"reference_url":"https://github.com/advisories/GHSA-562r-8445-54r2","reference_id":"GHSA-562r-8445-54r2","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-562r-8445-54r2"},{"reference_url":"https://github.com/Comfy-Org/ComfyUI-Manager/security/advisories/GHSA-562r-8445-54r2","reference_id":"GHSA-562r-8445-54r2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-12T13:22:21Z/"}],"url":"https://github.com/Comfy-Org/ComfyUI-Manager/security/advisories/GHSA-562r-8445-54r2"}],"weaknesses":[{"cwe_id":93,"name":"Improper Neutralization of CRLF Sequences ('CRLF Injection')","description":"The product uses CRLF (carriage return line feeds) as a special element, e.g. to separate lines or records, but it does not neutralize or incorrectly neutralizes CRLF sequences from inputs."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."}],"exploits":[],"severity_range_score":"7.0 - 8.9","exploitability":"0.5","weighted_severity":"8.0","risk_score":4.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cuuh-yk7d-ufc4"}