CVE-2025-57622 | Step-Video-T2V /vae-api get_data deserialization

Inserito da Angelo Barbosa | Mar 3, 2026 | CVE

A vulnerability marked as critical has been reported in Step-Video-T2V. This impacts the function get_data of the file /vae-api. Performing a manipulation results in deserialization.

This vulnerability is known as CVE-2025-57622. Remote exploitation of the attack is possible. No exploit is available.

CVE-2025-57622 | Step-Video-T2V /vae-api get_data deserialization

Post correlati

CVE-2025-13335 | GitLab Community Edition/Enterprise Edition up to 18.6.3/18.7.1/18.8.1 Wiki Document infinite loop (Issue 581060)

CVE-2024-38810 | Vmware Spring Security 6.3.0/6.3.1 AuthorizeReturnObject improper authorization

CVE-2018-9407 | Google Android emmc_rpmb.c emmc_rpmb_ioctl information disclosure

CVE-2024-0732 | PCMan FTP Server 2.0.7 STOR Command denial of service