109 matches found
EUVD-2025-21070
Malicious code in bioql PyPI...
EUVD-2025-18632
Malicious code in bioql PyPI...
EUVD-2024-20992
Malicious code in bioql PyPI...
CVE-2025-53630
llama.cpp is an inference of several LLM models in C/C++. Integer Overflow in the gguf_init_from_file_impl function in ggml/src/gguf.cpp can lead to Heap Out-of-Bounds Read/Write. This vulnerability is fixed in commit 26a48ad699d50b6268900062661bd22f3e792579...
CVE-2025-53630 Integer Overflow in GGUF Parser can lead to Heap Out-of-Bounds Read/Write in gguf
llama.cpp is an inference of several LLM models in C/C++. Integer Overflow in the gguf_init_from_file_impl function in ggml/src/gguf.cpp can lead to Heap Out-of-Bounds Read/Write. This vulnerability is fixed in commit 26a48ad699d50b6268900062661bd22f3e792579...
CVE-2025-53630
CVE-2025-53630 affects llama.cpp (ggml/gguf.cpp) where an integer overflow in gguf_init_from_file_impl can cause a heap out-of-bounds read/write. The vulnerability impacts inference paths in llama.cpp and is fixed by commit 26a48ad699d50b6268900062661bd22f3e792579. Connected sources document the ...
PT-2025-29152
Name of the Vulnerable Software and Affected Versions: llama.cpp affected versions not specified Description: An integer overflow in the gguf_init_from_file_impl function within ggml/src/gguf.cpp can lead to a Heap Out-of-Bounds Read/Write. Recommendations: Update to a version containing commit...
UBUNTU-CVE-2025-52566
llama.cpp is an inference of several LLM models in C/C++. Prior to version b5721, there is a signed vs. unsigned integer overflow in llama.cpp's tokenizer implementation llama_vocab::tokenize (src/llama-vocab.cpp:3036) resulting in unintended behavior in tokens copying size comparison. Allowing...
CVE-2025-52566 llama.cpp tokenizer signed vs. unsigned heap overflow
llama.cpp is an inference of several LLM models in C/C++. Prior to version b5721, there is a signed vs. unsigned integer overflow in llama.cpp's tokenizer implementation llama_vocab::tokenize (src/llama-vocab.cpp:3036) resulting in unintended behavior in tokens copying size comparison. Allowing...
CVE-2025-52566
llama.cpp is an inference of several LLM models in C/C++. Prior to version b5721, there is a signed vs. unsigned integer overflow in llama.cpp's tokenizer implementation llama_vocab::tokenize (src/llama-vocab.cpp:3036) resulting in unintended behavior in tokens copying size comparison. Allowing...
CVE-2025-52566
CVE-2025-52566 affects llama.cpp (tokenizer in llama_vocab::tokenize). Prior to version b5721, a signed vs. unsigned integer overflow enables heap-overflow during tokenization, causing unintended behavior in token copying. This could enable heap-related issues during inference with crafted input....
PT-2025-26690 · Llama.Cpp · Llama.Cpp
Name of the Vulnerable Software and Affected Versions: llama.cpp version prior to b5721 Description: The issue is related to a signed vs. unsigned integer overflow in the llama_vocab::tokenize function of llama.cpp's tokenizer implementation, resulting in unintended behavior during token copying...
llama.cpp security vulnerability
llama.cpp is a multimodal model by the individual developer Georgi Gerganov. A security vulnerability exists in versions of llama.cpp prior to b5721, which stems from the presence of signed and unsigned integer overflows in the tokenizer implementation, which could lead to a heap overflow...
CVE-2025-49847
llama.cpp is an inference of several LLM models in C/C++. Prior to version b5662, an attacker-supplied GGUF model vocabulary can trigger a buffer overflow in llama.cpp’s vocabulary-loading code. Specifically, the helper _try_copy in llama.cpp/src/vocab.cpp: llama_vocab::impl::token_to_piece casts a ve...
DEBIAN-CVE-2025-49847
llama.cpp is an inference of several LLM models in C/C++. Prior to version b5662, an attacker-supplied GGUF model vocabulary can trigger a buffer overflow in llama.cpp’s vocabulary-loading code. Specifically, the helper _try_copy in llama.cpp/src/vocab.cpp: llama_vocab::impl::token_to_piece casts a ve...
CVE-2025-49847
CVE-2025-49847 affects llama.cpp: prior to v5662, an attacker-supplied GGUF vocabulary can trigger a buffer overflow in the vocabulary-loading path. The root cause is in llama_vocab::impl::token_to_piece(), where a large size_t token length is cast to int32_t, bypassing the length check and causi...