SQUIRREL 缓冲区错误漏洞

SQUIRREL is a programming language developed by Alberto Demichelis. It is the stable version of SQUIRREL 3.2. Versions of SQUIRREL 3.2 and earlier had a buffer error vulnerability, which stemmed from a heap buffer overflow in the function SQFunctionProto::Load located in the file...

CVE-2026-31251

CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e 2025-30-21 contains an insecure deserialization vulnerability CWE-502 in its gRPC server component. When the server starts, it loads the speech synthesis model from a user-specified directory using torch.load without enabling the...

CVE-2026-31253

The flash-attention training framework thru commit e724e2588cbe754beb97cf7c011b5e7e34119e62 2025-13-04 contains an insecure deserialization vulnerability CWE-502 in its checkpoint loading mechanism. The loadcheckpoint function in checkpoint.py and the checkpoint loading code in eval.py use...

CVE-2026-31252

CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e 2025-30-21 contains an insecure deserialization vulnerability CWE-502 in its model loading component. The framework uses torch.load to load model weight files e.g., llm.pt, flow.pt, hift.pt without enabling the security-restrictive...

CVE-2026-31251

CVE-2026-31251 affects CosyVoice’s gRPC server component. During startup, the server loads the speech synthesis model from a user-specified directory via torch.load() without enabling the weights_only=True security parameter, enabling the pickle-based deserialization of arbitrary Python objects. ...

ImageMagick 安全漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It allows for reading, converting, and writing images in various formats. Versions of ImageMagick prior to 7.1.2-21 and 6.9.13-46 contained security vulnerabilities. These vulnerabilities were due ...

CVE-2026-31249

CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e 2025-30-21 contains an insecure deserialization vulnerability CWE-502 in its makeparquetlist.py data processing tool. The script loads PyTorch .pt files utterance embeddings, speaker embeddings, speech tokens using torch.load without...

CVE-2026-31252

CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e 2025-30-21 contains an insecure deserialization vulnerability CWE-502 in its model loading component. The framework uses torch.load to load model weight files e.g., llm.pt, flow.pt, hift.pt without enabling the security-restrictive...

CVE-2026-31251

CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e 2025-30-21 contains an insecure deserialization vulnerability CWE-502 in its gRPC server component. When the server starts, it loads the speech synthesis model from a user-specified directory using torch.load without enabling the...

CVE-2026-31249

CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e 2025-30-21 contains an insecure deserialization vulnerability CWE-502 in its makeparquetlist.py data processing tool. The script loads PyTorch .pt files utterance embeddings, speaker embeddings, speech tokens using torch.load without...

CVE-2026-31253

The CVE-2026-31253 entry concerns the flash-attention training framework. A deserialization flaw exists in the checkpoint loading path (checkpoint.py load_checkpoint and eval.py) where torch.load() is used without weights_only=True, enabling pickle-based object deserialization. This can allow an ...

CVE-2026-31252

CosyVoice Web UI vulnerability (CVE-2026-31252) arises from insecure deserialization (CWE-502) in the model loading component. The framework loads model weight files (e.g., llm.pt, flow.pt, hift.pt) with torch.load() without enabling weights_only=True, permitting arbitrary Python object deseriali...

PT-2026-39560

A vulnerability was determined in Squirrel up to 3.2. This affects the function SQFunctionProto::Load of the file squirrel/sqobject.cpp. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been publicly disclosed and may be utilized. T...

CosyVoice 安全漏洞

CosyVoice is an open-source voice generation and AI voice cloning platform developed by FunAudioLLM. There was a security vulnerability in the previous version of CosyVoice, which stemmed from the data processing tool makeparquetlist.py using torch.load to load .pt files without enabling the...

PT-2026-39637

CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e 2025-30-21 contains an insecure deserialization vulnerability CWE-502 in its model loading component. The framework uses torch.load to load model weight files e.g., llm.pt, flow.pt, hift.pt without enabling the security-restrictive...

CosyVoice 安全漏洞

CosyVoice is an open-source voice generation and AI voice cloning platform developed by FunAudioLLM. CosyVoice has a security vulnerability, which stems from the gRPC server component using torch.load to load the voice synthesis model without enabling the weights-only=True security parameter. Thi...

CosyVoice 安全漏洞

CosyVoice is an open-source voice generation and AI voice cloning platform developed by FunAudioLLM. CosyVoice has a security vulnerability. This vulnerability stems from the averagemodel.py model averaging tool, which loads checkpoint files using torch.load without enabling the weights-only=True...

CosyVoice 安全漏洞

CosyVoice is an open-source voice generation and AI voice cloning platform developed by FunAudioLLM. There was a security vulnerability in the previous version of CosyVoice. This vulnerability stemmed from the model loading component using torch.load to load model weight files without enabling th...

CVE-2026-31250

CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e 2025-30-21 contains an insecure deserialization vulnerability CWE-502 in its averagemodel.py model averaging tool. The script loads PyTorch checkpoint files epoch.pt for model averaging using torch.load without enabling the...

PT-2026-39634

CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e 2025-30-21 contains an insecure deserialization vulnerability CWE-502 in its make parquet list.py data processing tool. The script loads PyTorch .pt files utterance embeddings, speaker embeddings, speech tokens using torch.load withou...