Lucene search
K

4 matches found

OSV
OSV
added 2026/04/01 6:16 p.m.6 views

UBUNTU-CVE-2026-34159

llama.cpp is an inference of several LLM models in C/C++. Prior to version b8492, the RPC backend's deserializetensor skips all bounds validation when a tensor's buffer field is 0. An unauthenticated attacker can read and write arbitrary process memory via crafted GRAPHCOMPUTE messages. Combined...

9.8CVSS6.4AI score0.01126EPSS
Exploits2References4
Cvelist
Cvelist
added 2026/03/12 4:39 p.m.28 views

CVE-2026-27940 llama.cpp has a Heap Buffer Overflow via Integer Overflow in `mem_size` Calculation — Bypass of CVE-2025-53630 Fix

llama.cpp is an inference of several LLM models in C/C++. Prior to b8146, the ggufinitfromfileimpl in gguf.cpp is vulnerable to an Integer overflow, leading to an undersized heap allocation. Using the subsequent fread writes 528+ bytes of attacker-controlled data past the buffer boundary. This is...

7.8CVSS0.00177EPSS
Exploits1References1
OSV
OSV
added 2025/07/10 8:15 p.m.4 views

UBUNTU-CVE-2025-53630

llama.cpp is an inference of several LLM models in C/C++. Integer Overflow in the ggufinitfromfileimpl function in ggml/src/gguf.cpp can lead to Heap Out-of-Bounds Read/Write. This vulnerability is fixed in commit 26a48ad699d50b6268900062661bd22f3e792579...

9.3CVSS5.8AI score0.00318EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/03/18 12:0 a.m.5 views

The vulnerability of the `info->ne` function in the llama.cpp file of the GGUF library allows a hacker to execute arbitrary code.

The vulnerability of the info-ne function in the llama.cpp file of the GGUF library is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS8.5AI score0.01375EPSS
Exploits1References6
Rows per page
Query Builder