CVE-2026-10298 ggml-org whisper.cpp ggml.c whisper_model_load null pointer dereference

A security flaw has been discovered in ggml-org whisper.cpp up to 1.8.2. This vulnerability affects the function whispermodelload of the file ggml/src/ggml.c. The manipulation results in null pointer dereference. Attacking locally is a requirement. The exploit has been released to the public and...

CVE-2026-10298 ggml-org whisper.cpp ggml.c whisper_model_load null pointer dereference

A security flaw has been discovered in ggml-org whisper.cpp up to 1.8.2. This vulnerability affects the function whispermodelload of the file ggml/src/ggml.c. The manipulation results in null pointer dereference. Attacking locally is a requirement. The exploit has been released to the public and...

PT-2026-6804

Name of the Vulnerable Software and Affected Versions ggml-org llama.cpp versions prior to 55abc39 Description A flaw exists in the GBNF Grammar Handler component of ggml-org llama.cpp. Specifically, the llama grammar advance stack function within the llama.cpp/src/llama-grammar.cpp file is...

CVE-2025-14569

A vulnerability was detected in ggml-org whisper.cpp up to 1.8.2. Affected is the function readaudiodata of the file /whisper.cpp/examples/common-whisper.cpp. The manipulation results in use after free. The attack requires a local approach. The exploit is now public and may be used. The project w...

CVE-2025-14569

CVE-2025-14569 affects ggml-org whisper.cpp up to version 1.8.2. The vulnerable component is the read_audio_data function in /whisper.cpp/examples/common-whisper.cpp, with a use-after-free condition reported under local access. Multiple connected sources (NVD, Red Hat, EUVD, Debian tracker, CNVD/...

PT-2025-50961

A vulnerability was detected in ggml-org whisper.cpp up to 1.8.2. Affected is the function read audio data of the file /whisper.cpp/examples/common-whisper.cpp. The manipulation results in use after free. The attack requires a local approach. The exploit is now public and may be used. The project...