GHSA-mcrp-whpw-jp68

GitHub Security Advisory

InvokeAI Deserialization of Untrusted Data vulnerability

✓ GitHub Reviewed CRITICAL Has CVE

Advisory Details

A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through 5.4.2 via the /api/v2/models/install API. The vulnerability arises from unsafe deserialization of model files using torch.load without proper validation. Attackers can exploit this by embedding malicious code in model files, which is executed upon loading. This issue is fixed in version 5.4.3rc2.
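
The root cause described above, seen from the defender's side: an added example (not InvokeAI's code or its fix) that lists the globals a model file's pickle stream would import, without ever loading it, and reports anything outside an allow-list. The allow-list entries, the Marker class and both sample pickles are constructed for illustration.

```python
import collections
import io
import pickle
import pickletools
import zipfile

# Illustrative allow-list (assumption): globals a plain tensor state_dict needs.
ALLOWED = {
    ("collections", "OrderedDict"),
    ("torch._utils", "_rebuild_tensor_v2"),
    ("torch", "FloatStorage"),
}
STRING_OPS = {"SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE"}
MEMO_OPS = {"MEMOIZE", "PUT", "BINPUT", "LONG_BINPUT"}


def pickle_imports(data: bytes):
    """List the (module, name) globals a pickle would import, without loading it."""
    found, recent = [], []
    for op, arg, _pos in pickletools.genops(data):
        if op.name in MEMO_OPS:
            continue
        if op.name == "GLOBAL":            # protocols 0-3: arg is "module name"
            found.append(tuple(arg.split(" ", 1)))
        elif op.name == "STACK_GLOBAL":    # protocol 4+: module and name are the two prior pushes
            mod, name = ([None, None] + recent)[-2:]
            found.append((mod or "?", name or "?"))  # "?" = not statically resolvable
        recent.append(arg if op.name in STRING_OPS else None)
    return found


def disallowed_imports(blob: bytes):
    """Scan a raw pickle or a zip-format checkpoint; return imports outside ALLOWED."""
    if zipfile.is_zipfile(io.BytesIO(blob)):
        with zipfile.ZipFile(io.BytesIO(blob)) as zf:
            streams = [zf.read(n) for n in zf.namelist() if n.endswith(".pkl")]
    else:
        streams = [blob]
    return [imp for s in streams for imp in pickle_imports(s) if imp not in ALLOWED]


class Marker:
    """Constructed sample: __reduce__ makes the pickle name a callable (harmless here)."""
    def __reduce__(self):
        return (print, ("constructed sample",))


BENIGN = pickle.dumps(collections.OrderedDict(weight=[0.1, 0.2]))
SUSPECT = pickle.dumps({"state_dict": Marker()})   # never loaded, only scanned

if __name__ == "__main__":
    print(disallowed_imports(BENIGN), disallowed_imports(SUSPECT))
```

A static scan like this is a pre-filter for uploaded or downloaded model files; it complements loading with torch.load(..., weights_only=True) or using a non-pickle format such as safetensors, and does not replace them.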

Affected Packages

PyPI InvokeAI
Affected versions: 5.3.1 (fixed in 5.4.3rc2)

Key Information

GHSA ID: GHSA-mcrp-whpw-jp68
Published: March 21, 2025 3:32 PM
Last Modified: May 20, 2025 5:37 PM
CVSS Score: 9.0/10
Primary Ecosystem: PyPI
Primary Package: InvokeAI
GitHub Reviewed: ✓ Yes

Dataset

Last updated: July 26, 2025 6:37 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.