Heap Buffer Overflow in Stable Diffusion Library by Leejet
CVE-2026-47747
7.8 HIGH
What is CVE-2026-47747?
The stable-diffusion.cpp library contains a vulnerability in which a crafted .ckpt file causes a heap buffer overflow through sign confusion in the opcode length field of the BINUNICODE handler. The result is heap corruption caused by improper memory allocation during parsing. To mitigate the risk, load .ckpt files only from trusted sources or use a safer format such as .safetensors. The issue is fixed in version master-584-0a7ae07.
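The bounds check a pickle parser needs for the BINUNICODE length field, shown as an added example; it is not code from stable-diffusion.cpp or from its fix. The function names, result codes and sample bytes are assumptions constructed for illustration. The one format fact it relies on is that BINUNICODE is opcode 0x58 followed by a 4-byte little-endian unsigned length and that many UTF-8 bytes.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define OP_BINUNICODE 0x58 /* pickle 'X': uint32 little-endian length, then UTF-8 bytes */
enum { PARSE_OK = 0, PARSE_BAD_OPCODE = -1, PARSE_TRUNCATED = -2,
       PARSE_BAD_LENGTH = -3, PARSE_DST_TOO_SMALL = -4 }; /* hypothetical result codes */

/* Assemble the length byte by byte into an unsigned type, so it can never be negative. */
static uint32_t read_u32_le(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* For contrast only: the same four bytes viewed through a signed 32-bit type. */
static int32_t length_if_signed(const uint8_t *p) {
    int32_t v; uint32_t u = read_u32_le(p);
    memcpy(&v, &u, sizeof v);
    return v;
}

/* Parse one BINUNICODE record at buf[*pos]; copy its payload into dst, NUL-terminated. */
static int parse_binunicode(const uint8_t *buf, size_t n, size_t *pos,
                            char *dst, size_t dst_cap) {
    size_t p = *pos;
    if (p >= n || buf[p] != OP_BINUNICODE) return PARSE_BAD_OPCODE;
    p++;
    if (n - p < 4) return PARSE_TRUNCATED;           /* length field itself must fit */
    uint32_t len = read_u32_le(buf + p);
    p += 4;
    if (len > n - p) return PARSE_BAD_LENGTH;        /* payload must lie inside the input */
    if (len >= dst_cap) return PARSE_DST_TOO_SMALL;  /* keep one byte for the terminator */
    memcpy(dst, buf + p, len);
    dst[len] = '\0';
    *pos = p + len;
    return PARSE_OK;
}

/* Constructed samples: a well-formed record and one whose length has the top bit set. */
static const uint8_t SAMPLE_OK[]  = { 0x58, 0x05, 0x00, 0x00, 0x00, 'h', 'e', 'l', 'l', 'o' };
static const uint8_t SAMPLE_NEG[] = { 0x58, 0xF0, 0xFF, 0xFF, 0xFF, 'A', 'A' };

static int run_sample(const uint8_t *buf, size_t n) {
    char dst[64]; size_t pos = 0;
    return parse_binunicode(buf, n, &pos, dst, sizeof dst);
}

int main(void) {
    printf("ok=%d malformed=%d signed_view=%d\n", run_sample(SAMPLE_OK, sizeof SAMPLE_OK),
           run_sample(SAMPLE_NEG, sizeof SAMPLE_NEG), (int)length_if_signed(SAMPLE_NEG + 1));
    return 0;
}
```

The second sample is rejected because its declared length exceeds the bytes remaining in the input; the signed view of the same field is negative, which is the kind of value that slips past a size check or allocation written against a signed integer.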
Affected Version(s)
stable-diffusion.cpp < master-584-0a7ae07
