CVE-2025-49837
GPT-SoVITS-WebUI (versions 20250228v3 and prior) is affected by an unsafe deserialization vulnerability in vr.py AudioPre. The attack surface involves the model_choose input, which is passed into function uvr, where AudioPre is instantiated with a model_path derived from user input and the .pth e...