GPT-SoVITS Multiple Deserialization RCE Vulnerabilities (CVE-2025-49837 to 49841)

### Critical Vulnerability Information #### Vulnerability IDs - GHSL-2025-049 - GHSL-2025-053 #### Vulnerability Type - Remote Code Execution (RCE) #### Affected Component - GPT-SoVITS #### Related CVE IDs - CVE-2025-49837 - CVE-2025-49838 - CVE-2025-49839 - CVE-2025-49840 - CVE-2025-49841 #### Main Issues 1. **Unsafe Deserialization in vr.py** - The `model_path` parameter passed to the `load_model` function enables remote code execution. - CWE: CWE-502: Deserialization of Untrusted Data 2. **Unsafe Deserialization in AudioPreDeEcho Class** - The `model_path` parameter is used to load models, potentially leading to remote code execution. - CWE: CWE-502: Deserialization of Untrusted Data 3. **Unsafe Deserialization in bsforator.py** - The `model_path` parameter is used to load models, potentially leading to remote code execution. - CWE: CWE-502: Deserialization of Untrusted Data 4. **Unsafe Deserialization in inference_webui.py** - The `model_path` parameter is used to load models, potentially leading to remote code execution. - CWE: CWE-502: Deserialization of Untrusted Data 5. **Unsafe Deserialization in process_ckpt.py** - The `save_name` parameter is used to save models, potentially leading to remote code execution. - CWE: CWE-502: Deserialization of Untrusted Data #### Disclosure Timeline - 2023-06-14: Issue submitted and request for contact - 2023-06-16: OC commented and marked as bug - 2023-06-16: GitHub Security Lab requested CVEs and followed 90-day disclosure policy #### Discoverers - GHSL Team Members: @yukibadzuki @billybadzuki

Goal Reached Thanks to every supporter — we hit 100%!

GPT-SoVITS Multiple Deserialization RCE Vulnerabilities (CVE-2025-49837 to 49841)