16 matches found
EUVD-2025-13513
Malicious code in bioql PyPI...
EUVD-2025-13508
Malicious code in bioql PyPI...
EUVD-2025-13501
Malicious code in bioql PyPI...
EUVD-2025-13512
Malicious code in bioql PyPI...
CVE-2025-43848
Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to unsafe deserialization. The ckpt_path0 variable takes user input e.g. a path to a model and passes it to the change_info function in process_ckpt.py, which uses it to...
CVE-2025-43842
Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to command injection. The variables exp_dir1, np7, trainset_dir4 and sr2 take user input and pass it to the preprocess_dataset function, which concatenates them into a...
CVE-2025-43849
Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to unsafe deserialization. The ckpt_a and cpkt_b variables take user input e.g. a path to a model and pass it to the merge function in process_ckpt.py, which uses them...
CVE-2025-43851
The CVE-2025-43851 entry concerns Retrieval-based-Voice-Conversion-WebUI (RVC) with versions 2.2.231006 and earlier. The root cause is unsafe deserialization in Python code: user-controlled input (model_choose) is passed to the uvr function, which creates an AudioPre instance and uses torch.load ...
CVE-2025-43850
The CVE affects Retrieval-based-Voice-Conversion-WebUI (RVC) versions 2.2.231006 and earlier. The root cause is unsafe deserialization: the ckpt_dir input is passed to export.py’s change_info function, which loads a model with torch.load, enabling remote code execution. Public documentation confi...
CVE-2025-43850 GHSL-2025-020_Retrieval-based-Voice-Conversion-WebUI
Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to unsafe deserialization. The ckpt_dir variable takes user input e.g. a path to a model and passes it to the change_info function in export.py, which uses it to load the...
CVE-2025-43849 GHSL-2025-019_Retrieval-based-Voice-Conversion-WebUI
Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to unsafe deserialization. The ckpt_a and cpkt_b variables take user input e.g. a path to a model and pass it to the merge function in process_ckpt.py, which uses them...
CVE-2025-43849
CVE-2025-43849 affects Retrieval-based-Voice-Conversion-WebUI (RVC-Project). Versions up to 2.2.231006 are vulnerable due to unsafe deserialization in process_ckpt.py: the ckpt_a and cpkt_b inputs are passed to the merge function, which uses torch.load on user-provided paths, enabling remote code...
CVE-2025-43845
Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to code injection. The ckptpath2 variable takes user input e.g. a path to a model and passes it to changeinfo function, which opens and reads the file on the given path...
CVE-2025-43846 GHSL-2025-016_Retrieval-based-Voice-Conversion-WebUI
Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to unsafe deserialization. The ckpt_path1 variable takes user input e.g. a path to a model and passes it to the show_info function in process_ckpt.py, which uses it to loa...
CVE-2025-43844
CVE-2025-43844 affects Retrieval-based-Voice-Conversion-WebUI (VITS-based) with versions 2.2.231006 and earlier. The root cause is that input variables (e.g., exp_dir1) are passed into the click_train function and concatenated into a shell command executed on the server, enabling arbitrary comman...
CVE-2025-43842
The CVE-2025-43842 entry concerns Retrieval-based-Voice-Conversion-WebUI (VITS-based). Affected: versions 2.2.231006 and earlier. The root cause: user-provided inputs in variables exp_dir1, np7, trainset_dir4, and sr2 are fed into preprocess_dataset, concatenated into a server-side command, enabl...