CVE-2025-13710

CVE-2025-13710 affects Tencent HunyuanVideo and involves the load_vae function, where lack of validation allows deserialization of untrusted data and arbitrary code execution. The root cause is improper input validation in load_vae, enabling a remote code execution scenario with the attacker need...

CVE-2025-13710 Tencent HunyuanVideo load_vae Deserialization of Untrusted Data Remote Code Execution Vulnerability

Tencent HunyuanVideo loadvae Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent HunyuanVideo. User interaction is required to exploit this vulnerability in that the target...

Tencent HunyuanVideo 代码问题漏洞

Tencent HunyuanVideo is a generative AI video model from Tencent, a Chinese company. Tencent HunyuanVideo suffers from a code issue vulnerability that stems from a lack of validation of user-supplied data in the loadvae function, which could lead to deserialization of untrusted data and remote co...

Tencent HunyuanVideo load_vae Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent HunyuanVideo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the loadvae...

PT-2025-48585

Name of the Vulnerable Software and Affected Versions Tencent HunyuanVideo affected versions not specified Description A flaw exists within the load vae function that allows remote attackers to execute arbitrary code on affected installations of Tencent HunyuanVideo. The issue stems from a lack o...