VYPR

rpm package

opensuse/llamacpp&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/llamacpp&distro=openSUSE%20Tumbleweed

Vulnerabilities (3)

  • CVE-2026-21869Jan 7, 2026
    affected < 9500-1.1fixed 9500-1.1

    llama.cpp is an inference of several LLM models in C/C++. In commits 55d4206c8 and prior, the n_discard parameter is parsed directly from JSON input in the llama.cpp server's completion endpoints without validation to ensure it's non-negative. When a negative value is supplied an

  • CVE-2025-53630HigJul 10, 2025
    affected < 5889-1.1fixed 5889-1.1

    llama.cpp is an inference of several LLM models in C/C++. Integer Overflow in the gguf_init_from_file_impl function in ggml/src/gguf.cpp can lead to Heap Out-of-Bounds Read/Write. This vulnerability is fixed in commit 26a48ad699d50b6268900062661bd22f3e792579.

  • CVE-2025-49847Jun 17, 2025
    affected < 5699-1.1fixed 5699-1.1

    llama.cpp is an inference of several LLM models in C/C++. Prior to version b5662, an attacker‐supplied GGUF model vocabulary can trigger a buffer overflow in llama.cpp’s vocabulary‐loading code. Specifically, the helper _try_copy in llama.cpp/src/vocab.cpp: llama_vocab::impl::tok