CNNVD-202512-4078 Information

CNNVD ID

CNNVD-202512-4078

Related CVE

CVE-2025-13707

• CNNVD Published: 2025-12-23

Description (Chinese)

Tencent HunyuanDiT是中国腾讯（Tencent）公司的一个扩散模型。 Tencent HunyuanDiT存在代码问题漏洞，该漏洞源于model_resume函数缺乏对用户提供数据的验证，可能导致反序列化不可信数据和远程代码执行。

Description (English)

Tencent Hunyuan DiT is a proliferation model of Tencent. Tencent Hunyuan DiT has a code problem loophole, which stems from the lack of validation of data provided by users in the model resume function, which may lead to antisequencing untrustworthy data and remote code execution.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

腾讯

Published

2025-12-23

Last Modified

2026-02-24

References

https://github.com/Tencent-Hunyuan/HunyuanDiT/commit/d2cb9cde5c9dc6a6c01735dcb92fe7699ddf6bc5 https://www.zerodayinitiative.com/advisories/ZDI-25-1029/

Patch

https://github.com/Tencent-Hunyuan/HunyuanDiT