Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

NVD
NVDadded 2025/11/21 7:16 p.m.3 views

CVE-2025-62609

MLX is an array framework for machine learning on Apple silicon. Prior to version 0.29.4, there is a segmentation fault in mlx::core::loadgguf when loading malicious GGUF files. Untrusted pointer from external gguflib library is dereferenced without validation, causing application crash. This iss...

7.5CVSS0.001EPSS
Exploits1References1
PyPA
PyPAadded 2025/11/21 7:16 p.m.4 views

PYSEC-2025-138

MLX is an array framework for machine learning on Apple silicon. Prior to version 0.29.4, there is a heap buffer overflow in mlx::core::load when parsing malicious NumPy .npy files. Attacker-controlled file causes 13-byte out-of-bounds read, leading to crash or information disclosure. This issue...

9.1CVSS5.9AI score0.00089EPSS
Exploits1References3Affected Software1
NVD
NVDadded 2025/11/21 7:16 p.m.3 views

CVE-2025-62608

MLX is an array framework for machine learning on Apple silicon. Prior to version 0.29.4, there is a heap buffer overflow in mlx::core::load when parsing malicious NumPy .npy files. Attacker-controlled file causes 13-byte out-of-bounds read, leading to crash or information disclosure. This issue...

9.1CVSS0.00089EPSS
Exploits1References3
Cvelist
Cvelistadded 2025/11/21 6:57 p.m.10 views

CVE-2025-62609 MLX has Wild Pointer Dereference in load_gguf()

MLX is an array framework for machine learning on Apple silicon. Prior to version 0.29.4, there is a segmentation fault in mlx::core::loadgguf when loading malicious GGUF files. Untrusted pointer from external gguflib library is dereferenced without validation, causing application crash. This iss...

6.9CVSS0.001EPSS
Exploits1References1
CVE
CVEadded 2025/11/21 6:56 p.m.14 views

CVE-2025-62608

MLX vulnerable to a heap-buffer-overflow in mlx::core::load() when parsing malicious NumPy .npy files. Prior to version 0.29.4, attacker-controlled files can trigger a 13-byte out-of-bounds read, leading to crash or information disclosure. The issue is fixed in version 0.29.4. Affected platforms:...

9.1CVSS6.5AI score0.00089EPSS
Exploits1References3Affected Software1
EUVD
EUVDadded 2025/11/21 6:3 p.m.2 views

EUVD-2025-198500

MLX has Wild Pointer Dereference in loadgguf...

6.9CVSS6.4AI score0.001EPSS
Exploits1References3
CNNVD
CNNVDadded 2025/11/21 12:0 a.m.1 views

MLX 代码问题漏洞

MLX is a machine learning framework open-sourced by ml-explore. A code issue vulnerability exists in MLX versions prior to 0.29.4 that stems from a segmentation error when loading a malicious GGUF file, which could cause the application to crash...

7.5CVSS6.6AI score0.001EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2025/11/21 12:0 a.m.5 views

PT-2025-47798

Name of the Vulnerable Software and Affected Versions MLX versions prior to 0.29.4 Description MLX, an array framework for machine learning on Apple silicon, contains a flaw in the mlx::core::load gguf function. This function experiences a segmentation fault when processing maliciously crafted GG...

6.9CVSS6.4AI score0.001EPSS
Exploits1References7
Rows per page
Query Builder