CVE-2026-31251

Published: May 11, 2026

Modified: May 12, 2026

PUBLISHED

Description

CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e (2025-30-21) contains an insecure deserialization vulnerability (CWE-502) in its gRPC server component. When the server starts, it loads the speech synthesis model from a user-specified directory using torch.load() without enabling the weights_only=True security parameter. This allows the deserialization of arbitrary Python objects via the pickle module. An attacker can exploit this by providing malicious model files within a directory. When a victim starts the gRPC server pointing to this directory, arbitrary code is executed on the victim's system during server initialization.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/FunAudioLLM/CosyVoice

https://www.notion.so/CVE-2026-31251-35d1e1393188816f9bf5f3ccea3aa16f

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-31251

Description

Affected Products

References