CVE-2025-4701
Published
CVSS v3
5.3
MEDIUM
CVSS v2
4.3
MEDIUM
Affected
1
PROJECT
Description
A vulnerability, which was classified as problematic, has been found in VITA-MLLM Freeze-Omni up to 20250421. This issue affects the function torch.load of the file models/utils.py. The manipulation of the argument path leads to deserialization. It is possible to launch the attack on the local host.
✨✨Freeze-Omni: A Smart and Low Latency Speech-to-speech Dialogue Model with Frozen LLM
GitHub