CVE-2025-27779

CVE-2025-27779 is an unsafe deserialization vulnerability affecting Applio, an open-source voice conversion tool, in versions 3.2.8-bugfix and prior. The issue resides in the `model_blender.py` file at lines 20 and 21, where the `model_blender` function uses `torch.load` to load two models specified by user-supplied inputs (`model_fusion_a` and `model_fusion_b`) sourced from `voice_blender.py`. These inputs, such as paths to models, are passed through `run_model_blender_script` without proper validation, enabling deserialization of untrusted data and classified under CWE-502. The vulnerability carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

A remote, unauthenticated attacker can exploit this vulnerability by tricking a user into providing a malicious model path or file via the voice blender feature. Successful exploitation leads to arbitrary remote code execution on the victim's machine, with high impact on confidentiality, integrity, and availability, as the deserialization occurs without privileges or user interaction beyond supplying the input.

Mitigation is available via a patch committed to the main branch of the Applio GitHub repository (commit 11d139508d615a6db4d48b76634a443c66170dda). Security practitioners should advise users to update to the latest version from the main branch and avoid loading untrusted model files. Additional details are provided in the GitHub Security Lab advisory (GHSL-2024-341_GHSL-2024-353_Applio) and affected code references.