Heap Buffer Overflow in stable-diffusion.cpp Library Affects Untrusted Model Loading
CVE-2026-47750
7.8 HIGH
What is CVE-2026-47750?
In the stable-diffusion.cpp library, a heap buffer overflow vulnerability exists in the .ckpt file parser due to insufficient validation of newline-delimited fields. The issue is present in versions prior to master-584-0a7ae07 and enables an attacker to corrupt the heap by providing a maliciously crafted .ckpt file. It is reachable only when the application processes checkpoint files from untrusted sources, where it poses a severe exploitation risk. Developers are urged to avoid loading such files and update to the latest version, or to use trusted model sources and safer formats like .safetensors to mitigate potential threats.
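The class of check named above, as an added example (not code from stable-diffusion.cpp and not a reconstruction of the affected function): a reader for newline-terminated fields that searches only within the bytes remaining in the input and rejects any field that would not fit the destination. The names cursor_t and read_field and the sample buffer are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Cursor over an untrusted in-memory buffer; the data is NOT NUL-terminated. */
typedef struct {
    const unsigned char *data;
    size_t len;   /* total bytes available */
    size_t pos;   /* next unread byte */
} cursor_t;

enum { FIELD_OK = 0, FIELD_NO_NEWLINE = -1, FIELD_TOO_LONG = -2, FIELD_BAD_ARG = -3 };

/* Copy the next '\n'-terminated field into out as a C string.
 * The cursor advances past the newline only on success, so a rejected
 * field never leaves the parser in a half-consumed state. */
int read_field(cursor_t *c, char *out, size_t out_cap)
{
    if (!c || !c->data || !out || out_cap == 0 || c->pos > c->len)
        return FIELD_BAD_ARG;

    size_t remaining = c->len - c->pos;
    if (remaining == 0)
        return FIELD_NO_NEWLINE;

    const unsigned char *start = c->data + c->pos;
    /* Bounded search: never scan past the end of the input buffer. */
    const unsigned char *nl = memchr(start, '\n', remaining);
    if (!nl)
        return FIELD_NO_NEWLINE;        /* truncated or malformed input */

    size_t n = (size_t)(nl - start);
    if (n >= out_cap)
        return FIELD_TOO_LONG;          /* must leave room for the NUL */

    memcpy(out, start, n);
    out[n] = '\0';
    c->pos += n + 1;                    /* consume field and its newline */
    return FIELD_OK;
}

int main(void)
{
    /* Constructed sample: two terminated fields, then an unterminated tail. */
    static const unsigned char sample[] = "first\nsecond.field\ntail-without-newline";
    cursor_t c = { sample, sizeof sample - 1, 0 };
    char field[16];
    int rc;
    while ((rc = read_field(&c, field, sizeof field)) == FIELD_OK)
        printf("field: %s\n", field);
    printf("stopped with code %d at offset %zu\n", rc, c.pos);
    return 0;
}
```

A caller should treat any non-zero return as a reason to abort loading the file rather than to skip the field and continue.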
Affected Version(s)
stable-diffusion.cpp < master-584-0a7ae07
