PT-2025-11980 · Applio · Applio
Sylwia Budzynska
+1
·
Published
2025-03-19
·
Updated
2025-08-01
·
CVE-2025-27778
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Applio versions 3.2.8-bugfix and prior
Description
Applio is a voice conversion tool vulnerable to unsafe deserialization in
infer.py. This issue can lead to remote code execution. A fix was available on the main branch of the Applio repository at the time of publication, but it was not attached to a numbered release.Recommendations
Applio versions prior to 3.2.8-bugfix are affected.
Update to a version with the fix available on the
main branch of the Applio repository.Exploit
Fix
RCE
Deserialization of Untrusted Data
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Applio