CVE-2026-22777 | Comfy ComfyUI-Manager up to 3.39.1/4.0.4 config.ini crlf injection (GHSA-562r-8445-54r2)

A vulnerability was found in Comfy ComfyUI-Manager up to 3.39.1/4.0.4. It has been rated as problematic. Affected by this vulnerability is an unknown functionality of the file config.ini. This manipulation causes crlf injection.

This vulnerability is tracked as CVE-2026-22777. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is advised.VulDB Recent EntriesRead More