Widening the Gap: Exploiting LLM Quantization Via Outlier Injection
LLM quantization has become essential for memory-efficient deployment. Recent work has shown that quantization schemes can pose critical security risks: an adversary may release a model that appears benign in full precision but exhibits malicious behavior once quantized by users. However, existin...
Exploit for CVE-2026-7482
CVE-2026-7482: Ollama Heap Out-of-Bounds Read 1-Day PoC Thi...
Ollama GGUF Quantization Remote Memory Leak
Overview: Ollama’s model quantization engine contains a vulnerability that allows an attacker with access to the model upload interface to read and potentially exfiltrate heap memory from the server. This issue may lead to unintended behavior, including unauthorized access to sensitive data and, i...
PT-2026-34454
Name of the Vulnerable Software and Affected Versions: Ollama (affected versions not specified). Description: An out-of-bounds heap read/write issue exists in the GGUF model quantization engine. An attacker can exploit this by uploading a specially crafted GPT-Generated Unified Format (GGUF) file to the...
CVE-2025-33247
NVIDIA Megatron LM contains a vulnerability in quantization configuration loading, which could allow remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...
CVE-2026-24141
NVIDIA Model Optimizer for Windows and Linux contains a vulnerability in the ONNX quantization feature, where a user could cause unsafe deserialization by providing a specially crafted input file. A successful exploit of this vulnerability might lead to code execution, escalation of privileges,...
turboquant-monitoring-poc
TurboQuant x WhatAp Monitoring POC. TurboQuant: https://arxiv...
Deserialization of Untrusted Data
Overview: megatron-core (Megatron Core) is a library for efficient and scalable training of transformer-based models. Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the quantization configuration loading process. An attacker can execute arbitrary code,...
EUVD-2025-208974
NVIDIA Megatron LM contains a vulnerability in quantization configuration loading, which could allow remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...
CVE-2026-24141
CVE-2026-24141 affects NVIDIA Model Optimizer for Windows and Linux, where the ONNX quantization feature allows unsafe deserialization via a crafted input file. This can lead to code execution, escalation of privileges, data tampering, and information disclosure. NVIDIA states affected versions a...
CVE-2025-33247
NVIDIA Megatron LM is affected by CVE-2025-33247 due to a vulnerability in quantization configuration loading that could allow remote code execution. The security bulletin states this could lead to code execution, elevation of privileges, information disclosure, and data tampering. Affected produ...
PT-2026-27508
NVIDIA Model Optimizer for Windows and Linux contains a vulnerability in the ONNX quantization feature, where a user could cause unsafe deserialization by providing a specially crafted input file. A successful exploit of this vulnerability might lead to code execution, escalation of privileges,...
NVIDIA Model Optimizer Code Issue Vulnerability
NVIDIA Model Optimizer is a tool component developed by NVIDIA Corporation that optimizes the performance of deep learning models and improves inference efficiency. NVIDIA Model Optimizer has a code vulnerability, which stems from an insecure deserialization issue in the ONNX quantization functio...