CVE-2025-49840 | RVC-Boss GPT-SoVITS up to 20250228v3 inference_webui.py change_gpt_weights GPT_dropdown deserialization (GHSL-2025-049)

Inserito da Angelo Barbosa | Lug 15, 2025 | CVE

A vulnerability was found in RVC-Boss GPT-SoVITS up to 20250228v3. It has been declared as critical. Affected by this vulnerability is the function change_gpt_weights of the file inference_webui.py. The manipulation of the argument GPT_dropdown leads to deserialization.

This vulnerability is known as CVE-2025-49840. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2025-49840 | RVC-Boss GPT-SoVITS up to 20250228v3 inference_webui.py change_gpt_weights GPT_dropdown deserialization (GHSL-2025-049)

Post correlati

CVE-2024-49733 | Google Android 12/12L/13/14/15 ServiceListing.java reload information disclosure

CVE-2024-0159 | Dell Alienware Command Center unknown vulnerability (dsa-2024-016)

CVE-2024-34068 | Pterodactyl Wings up to 1.11.11 api.disable_remote_download access control

CVE-2024-26292 | Avid NEXIS E-series prior 2025.5.1 on Linux/Windows path traversal