CVE-2025-13710 | Tencent HunyuanVideo load_vae deserialization (ZDI-25-1030)

Inserito da Angelo Barbosa | Dic 2, 2025 | CVE

A vulnerability described as critical has been identified in Tencent HunyuanVideo. This impacts the function load_vae. Executing manipulation can lead to deserialization.

The identification of this vulnerability is CVE-2025-13710. The attack may be launched remotely. There is no exploit available.

Applying a patch is advised to resolve this issue.

CVE-2025-13710 | Tencent HunyuanVideo load_vae deserialization (ZDI-25-1030)

Post correlati

CVE-2024-7873 | Veribilim Software Veribase Order 4.010.2 cross site scripting

CVE-2024-27873 | Apple iOS/iPadOS Video out-of-bounds write

CVE-2024-1036 | openBI up to 1.0.8 Icon Screen.php uploadIcon unrestricted upload

CVE-2025-21828 | Linux Kernel up to 6.6.75/6.12.12/6.13.1 mac80211 improper authorization