CNNVD-202512-4073 Information

CNNVD ID

CNNVD-202512-4073

Related CVE

CVE-2025-13716

• CNNVD Published: 2025-12-23

Description (Chinese)

Tencent MimicMotion是中国腾讯（Tencent）公司的一个可控视频生成框架。 Tencent MimicMotion存在代码问题漏洞，该漏洞源于create_pipeline函数缺少对用户提供数据的验证，可能导致反序列化不受信任的数据和远程代码执行。

Description (English)

Tencent MimicMotion is a controlled video generation framework for Tencent. There is a code problem loophole in Tencent MimicMotion, which stems from the lack of validation of data provided by the user in the Create peline function, which may lead to anti-serialization untrusted data and remote code execution.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

腾讯

Published

2025-12-23

Last Modified

2026-02-24

References

https://github.com/Tencent/MimicMotion/commit/6907bdcc259a6a048d41a365e840d22274f9256c https://www.zerodayinitiative.com/advisories/ZDI-25-1032/

Patch

https://github.com/Tencent/MimicMotion/commit/6907bdcc259a6a048d41a365e840d22274f9256c