CVE-2026-31249
Insecure Deserialization in CosyVoice Data Processing Tool
Publication date: 2026-05-11
Last updated on: 2026-05-11
Assigner: MITRE
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| funaudiollm | cosyvoice | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-31249 is an insecure deserialization vulnerability in the CosyVoice make_parquet_list.py data processing tool. The tool loads PyTorch .pt files using torch.load() without enabling the weights_only=True security parameter. This allows the deserialization of arbitrary Python objects via the pickle module.
An attacker can exploit this vulnerability by providing malicious .pt files within a data directory. When the victim processes this directory using the tool, arbitrary code can be executed on the victim's system.
How can this vulnerability impact me?
This vulnerability can lead to arbitrary code execution on the victim's system when processing malicious .pt files. This means an attacker could run any code they choose, potentially leading to system compromise, data theft, or further attacks.
What immediate steps should I take to mitigate this vulnerability?
To mitigate the insecure deserialization vulnerability in CosyVoice's make_parquet_list.py tool, pass weights_only=True to torch.load() when loading PyTorch .pt files. This prevents arbitrary code execution by restricting deserialization to only tensor weights.
Additionally, avoid processing untrusted or malicious .pt files within data directories, as these can exploit the vulnerability by executing arbitrary code during deserialization.
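
A pre-load screen for untrusted data directories, added here as an example and not taken from CosyVoice or PyTorch: it lists the globals that the pickle inside a zip-format .pt file would import, using only the standard-library pickletools module, and never unpickles anything. The allowlist, the function names and the harmless constructed samples are assumptions; the check supplements weights_only=True and does not replace it.

```python
import io
import pickle
import pickletools
import zipfile
from fractions import Fraction

# Assumed allowlist for plain tensor checkpoints; tune it to your own data.
ALLOWED = {("collections", "OrderedDict"), ("torch._utils", "_rebuild_tensor_v2"),
           ("torch", "FloatStorage"), ("torch", "LongStorage")}
STR_OPS = {"SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE"}
GET_OPS = {"GET", "BINGET", "LONG_BINGET"}
PUT_OPS = {"PUT", "BINPUT", "LONG_BINPUT", "MEMOIZE"}

def pickle_globals(stream: bytes) -> set:
    """Return the (module, name) pairs a pickle would import, without loading it."""
    found, memo, recent = set(), {}, []  # recent: consecutive string pushes
    for op, arg, _pos in pickletools.genops(stream):
        if op.name in ("GLOBAL", "INST"):
            found.add(tuple(arg.split(" ", 1)))
        elif op.name == "STACK_GLOBAL":
            pair = tuple(recent[-2:])  # unresolved operands are reported, not skipped
            found.add(pair if len(pair) == 2 and None not in pair else ("?", "?"))
        if op.name in STR_OPS:
            recent.append(arg)
        elif op.name in GET_OPS:
            recent.append(memo.get(arg))
        elif op.name in PUT_OPS:
            key = len(memo) if op.name == "MEMOIZE" else arg
            memo[key] = recent[-1] if recent else None
        else:
            recent = []
    return found

def disallowed_globals(blob: bytes) -> set:
    """Scan each pickle member of a zip-format .pt file; non-zip input raises."""
    seen = set()
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        for name in zf.namelist():
            if name.endswith(".pkl"):
                seen |= pickle_globals(zf.read(name))
    return seen - ALLOWED

def make_sample(obj, protocol: int) -> bytes:  # constructed, harmless test input
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("archive/data.pkl", pickle.dumps(obj, protocol=protocol))
    return buf.getvalue()

if __name__ == "__main__":
    print([disallowed_globals(make_sample(o, 4)) for o in ({"w": [1.0]}, Fraction(1, 2))])
```

A file that returns a non-empty set, or that is not a zip archive at all, should be quarantined for review rather than passed to the tool.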