PT-2025-21290 · Unknown +1 · Vita-Mllm Freeze-Omni +1

Name of the Vulnerable Software and Affected Versions: VITA-MLLM Freeze-Omni up to 20250421 Description: A problematic issue has been found, affecting the torch.load function in the models/utils.py file. The manipulation of the path argument leads to deserialization, allowing an attack to be...

Freeze-Omni 代码问题漏洞

Freeze-Omni is an intelligent low-latency speech dialog model based on Freeze LLM open-sourced by VITA-MLLM. A code issue vulnerability exists in Freeze-Omni 20250421 and earlier versions, which stems from deserialization due to incorrect manipulation of the parameter path in the file...