{"data":{"id":"d47577e3-2eb4-42f4-b176-9d102ad8a2d4","title":"CVE-2026-31251: CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e (2025-30-21) contains an insecure deserialization vulnera","summary":"CosyVoice (a speech synthesis tool) has an insecure deserialization vulnerability (CWE-502, a flaw where untrusted data is converted back into executable code) in its gRPC server (a framework for building networked services). The vulnerability occurs because the server uses torch.load() without the weights_only=True parameter to load speech models, allowing an attacker to execute arbitrary code by placing malicious model files in a directory that a victim then loads.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-31251","publishedAt":"2026-05-11T17:16:20.070Z","cveId":"CVE-2026-31251","cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"critical","attackType":["model_poisoning"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["CosyVoice"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-05-11T17:16:20.070Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","confidentiality","availability"],"aiComponentTargeted":"model","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}