CVE-2025-49838

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-49838

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-49838.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-49838

Published

2025-07-15T20:36:46.859Z

Modified

2026-04-02T12:51:43.160848Z

Severity

8.9 (High) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P CVSS Calculator

Summary

GHSL-2025-050: GPT-SoVITS Deserialization of Untrusted Data vulnerability

Details

GPT-SoVITS-WebUI is a voice conversion and text-to-speech webUI. In versions 20250228v3 and prior, there is an unsafe deserialization vulnerability in vr.py AudioPreDeEcho. The modelchoose variable takes user input (e.g. a path to a model) and passes it to the uvr function. In uvr, a new instance of AudioPreDeEcho class is created with the modelpath attribute containing the aforementioned user input (here called locally modelname). Note that in this step the .pth extension is added to the path. In the AudioPreDeEcho class, the user input, here called modelpath, is used to load the model on that path with torch.load, which can lead to unsafe deserialization. At time of publication, no known patched versions are available.

Database specific

{
    "cwe_ids": [
        "CWE-502"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/49xxx/CVE-2025-49838.json",
    "cna_assigner": "GitHub_M"
}

References

Affected packages

Git / github.com/rvc-boss/gpt-sovits

Affected ranges

Type

GIT

Repo

https://github.com/rvc-boss/gpt-sovits

Events

Introduced

Last affected

4fd57b0ea776d396f202e13be180b4c02e4dd957

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "20250228v3"
        }
    ]
}

Affected versions

Other

20240821v2

20250228v3

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-49838.json"