CVSS 3.1 Score 9.1 of 10 (high)


Published Apr 16, 2024
Updated: Apr 17, 2024


CVE-2024-32025 is a command injection vulnerability in Kohya_ss, a GUI for Kohya's Stable Diffusion trainers. The vulnerability exists in the file and has been fixed in version 23.1.5. This vulnerability has a risk score of 65 and a base severity of CRITICAL. It does not require any privileges or user interaction and can be exploited over the network. The impact of this vulnerability is high on both integrity and confidentiality. The CVE ID is associated with the CWE-77 category, which refers to the improper neutralization of special elements used in a command (command injection).

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-32025 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options