Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.8 views

EUVD-2025-21557

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00656EPSS
Exploits1References4
CNVD
CNVDadded 2025/07/21 12:0 a.m.2 views

GPT-SoVITS-WebUI Code Issue Vulnerability (CNVD-2025-23582)

GPT-SoVITS-WebUI is a TTS training model. A code issue vulnerability exists in GPT-SoVITS-WebUI that stems from unsafe deserialization processing of processckpt.py when receiving serialized data submitted by a user, which can be exploited by an attacker to execute arbitrary commands on the system...

9.8CVSS7.8AI score0.00656EPSS
Exploits1References1
NVD
NVDadded 2025/07/15 9:15 p.m.3 views

CVE-2025-49841

GPT-SoVITS-WebUI is a voice conversion and text-to-speech webUI. In versions 20250228v3 and prior, there is an unsafe deserialization vulnerability in processckpt.py. The SoVITSdropdown variable takes user input and passes it to the loadsovitsnew function in processckpt.py. In loadsovitsnew, the...

9.8CVSS0.00656EPSS
Exploits1References4
CVE
CVEadded 2025/07/15 8:43 p.m.18 views

CVE-2025-49841

GPT-SoVITS-WebUI is affected by unsafe deserialization in process_ckpt.py. User input (sovits_path) is passed to torch.load in load_sovits_new, enabling arbitrary code execution. Affected versions: 20250228v3 and prior. At publication, no patched versions are available. No exploitation details ar...

9.8CVSS6.5AI score0.00656EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichmentadded 2025/07/15 8:43 p.m.5 views

CVE-2025-49841 GHSL-2025-053: GPT-SoVITS Deserialization of Untrusted Data vulnerability

GPT-SoVITS-WebUI is a voice conversion and text-to-speech webUI. In versions 20250228v3 and prior, there is an unsafe deserialization vulnerability in processckpt.py. The SoVITSdropdown variable takes user input and passes it to the loadsovitsnew function in processckpt.py. In loadsovitsnew, the...

9.3CVSS7.1AI score0.00656EPSS
Exploits1References4
OSV
OSVadded 2025/07/15 8:43 p.m.3 views

CVE-2025-49841 GHSL-2025-053: GPT-SoVITS Deserialization of Untrusted Data vulnerability

GPT-SoVITS-WebUI is a voice conversion and text-to-speech webUI. In versions 20250228v3 and prior, there is an unsafe deserialization vulnerability in processckpt.py. The SoVITSdropdown variable takes user input and passes it to the loadsovitsnew function in processckpt.py. In loadsovitsnew, the...

9.3CVSS6.8AI score0.00656EPSS
Exploits1References6
CNNVD
CNNVDadded 2025/07/15 12:0 a.m.2 views

GPT-SoVITS-WebUI 代码问题漏洞

GPT-SoVITS-WebUI is a TTS training model. A code issue vulnerability exists in GPT-SoVITS-WebUI that stems from unsafe deserialization processing of processckpt.py when receiving serialized data submitted by a user, which can be exploited by an attacker to execute arbitrary commands on the system...

9.8CVSS7.5AI score0.00656EPSS
Exploits1References5
Rows per page
Query Builder