PT-2025-19750

Sylwia Budzynska

Published: 2025-05-05 · Updated: 2025-08-01

CVE-2025-43847

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

Retrieval-based-Voice-Conversion-WebUI versions 2.2.231006 and prior

Description

The issue is unsafe deserialization in the Retrieval-based-Voice-Conversion-WebUI voice-changing framework, which is based on VITS. The `ckpt_path2` variable takes user input, such as a path to a model, and passes it to the `extract_small_model` function in `process_ckpt.py`. That function calls `torch.load` on the supplied path; because `torch.load` unpickles the file, a crafted checkpoint can execute arbitrary code when it is loaded, giving remote code execution. No known patches exist for this issue as of the time of publication.

Recommendations

For versions 2.2.231006 and prior, as a temporary workaround, restrict the use of the `ckpt_path2` variable and the `extract_small_model` function in `process_ckpt.py` to minimize the risk of exploitation. Avoid calling `torch.load` on untrusted input until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
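The workaround above amounts to "do not hand untrusted files to `torch.load`". The following is an editor-added example, not code from the advisory or from the Retrieval-based-Voice-Conversion-WebUI project, of a pre-load gate that enforces that: it disassembles the checkpoint's pickle stream with `pickletools` (nothing is executed) and refuses the file if it asks the unpickler to import anything outside an allowlist. The allowlist `SAFE_GLOBALS`, the function names, and the sample checkpoints are assumptions constructed for the example; the samples are built in memory in the zip layout `torch.save` uses so the code runs without torch installed.

```python
import pickle
import pickletools
import zipfile
from collections import OrderedDict, deque
from io import BytesIO

# Allowlist (an assumption made for this example, not the project's list):
# the globals a plain state_dict checkpoint legitimately references. Any
# other import request is treated as arbitrary code and the file is refused.
SAFE_GLOBALS = {
    ("collections", "OrderedDict"),
    ("torch._utils", "_rebuild_tensor_v2"),
    ("torch", "FloatStorage"),
    ("torch", "HalfStorage"),
    ("torch", "LongStorage"),
}

# Opcodes that push a str; STACK_GLOBAL reads its module and name from them.
STRING_OPS = {"STRING", "BINSTRING", "SHORT_BINSTRING",
              "UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}


def unsafe_globals(data: bytes) -> list:
    """Return the (module, name) pairs a pickle stream asks the unpickler to
    import that are not on SAFE_GLOBALS. pickletools only disassembles the
    stream, so nothing inside the checkpoint runs during the scan."""
    flagged = []
    memo = {}      # memo slot -> string stored there (None for non-strings)
    recent = []    # strings pushed so far; STACK_GLOBAL consumes the last two
    last = None    # last value pushed, if it was a string
    for op, arg, _pos in pickletools.genops(data):
        name = op.name
        if name in STRING_OPS:
            last = arg
            recent.append(arg)
        elif name == "MEMOIZE":
            memo[len(memo)] = last
        elif name in ("PUT", "BINPUT", "LONG_BINPUT"):
            memo[arg] = last
        elif name in ("GET", "BINGET", "LONG_BINGET"):
            last = memo.get(arg)
            if isinstance(last, str):
                recent.append(last)
        elif name == "GLOBAL":              # protocols 0-3: "module name"
            module, attr = arg.split(" ", 1)
            if (module, attr) not in SAFE_GLOBALS:
                flagged.append((module, attr))
            last = None
        elif name == "STACK_GLOBAL":        # protocol 4+: strings on the stack
            if len(recent) < 2:
                flagged.append(("<unresolved>", "<unresolved>"))
            else:
                module, attr = recent[-2], recent[-1]
                if (module, attr) not in SAFE_GLOBALS:
                    flagged.append((module, attr))
            last = None
        else:
            last = None
    return flagged


def scan_checkpoint(blob: bytes) -> list:
    """Gate a checkpoint before torch.load sees it. The current torch format
    is a zip whose object graph lives in a *.pkl member; anything else is
    treated as one raw pickle stream (only the first pickle of a legacy file)."""
    if zipfile.is_zipfile(BytesIO(blob)):
        flagged = []
        with zipfile.ZipFile(BytesIO(blob)) as zf:
            for member in zf.namelist():
                if member.endswith(".pkl"):
                    flagged.extend(unsafe_globals(zf.read(member)))
        return flagged
    return unsafe_globals(blob)


def is_safe_to_load(blob: bytes) -> bool:
    """True only when every import the checkpoint requests is allowlisted."""
    return not scan_checkpoint(blob)


def _zip_checkpoint(obj) -> bytes:
    """Constructed sample: pickle obj into an archive/data.pkl member, the
    layout torch.save uses, so the example runs without torch installed."""
    buf = BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("archive/data.pkl", pickle.dumps(obj, protocol=2))
    return buf.getvalue()


# Constructed samples. The deque is harmless; it stands in for any callable a
# checkpoint could name that a weights file has no business importing.
BENIGN_CKPT = _zip_checkpoint(OrderedDict([("weight", [0.1, 0.2])]))
SUSPECT_CKPT = _zip_checkpoint({"weight": deque([0.1])})
BENIGN_RAW_P4 = pickle.dumps(OrderedDict([("a", 1)]), protocol=4)
SUSPECT_RAW_P4 = pickle.dumps(deque([1]), protocol=4)

if __name__ == "__main__":
    for label, blob in (("benign", BENIGN_CKPT), ("suspect", SUSPECT_CKPT)):
        verdict = "load" if is_safe_to_load(blob) else "refuse"
        print(f"{label}: {verdict} {scan_checkpoint(blob)}")
```

The allowlist approach is the same principle `torch.load(path, weights_only=True)` applies with its own built-in list, so where the installed torch supports that flag it is the simpler fix for a path like `ckpt_path2`; the scanner is useful as an independent check on files before they reach any loader, and it reports which import caused the refusal so the rejection can be logged.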

Exploit

RCE

Weakness Enumeration

Deserialization of Untrusted Data

Related Identifiers

CVE-2025-43847

Affected Products

Retrieval-Based-Voice-Conversion-Webui
Vits
Torch