PT-2026-34454

Name of the Vulnerable Software and Affected Versions Ollama affected versions not specified Description An out-of-bounds heap read/write issue exists in the GGUF model quantization engine. An attacker can exploit this by uploading a specially crafted GPT-Generated Unified Format GGUF file to the...

Mind the Gap: a Practical Attack on GGUF Quantization

With the increasing size of frontier LLMs, post-training quantization has become the standard for memory-efficient deployment. Recent work has shown that basic rounding-based quantization schemes pose security risks, as they can be exploited to inject malicious behaviors into quantized models tha...