2 matches found
CVE-2025-62608
MLX vulnerable to a heap-buffer-overflow in mlx::core::load() when parsing malicious NumPy .npy files. Prior to version 0.29.4, attacker-controlled files can trigger a 13-byte out-of-bounds read, leading to crash or information disclosure. The issue is fixed in version 0.29.4. Affected platforms:...
CVE-2025-62609
MLX (on Apple silicon) prior to version 0.29.4 is affected by a wild pointer dereference in mlx::core::load_gguf() when loading malicious GGUF files, dereferencing an untrusted pointer from gguflib without validation and causing a crash. The issue stems from loading external GGUF data and manifes...