VYPR

Llama.cpp

by Ggml

Source repositories

CVEs (16)

  • CVE-2024-42479CriAug 12, 2024
    risk 0.58cvss 10.0epss 0.03

    llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer member in the `rpc_tensor` structure can cause arbitrary address writing. This vulnerability is fixed in b3561.

  • CVE-2026-34159CriApr 1, 2026
    risk 0.57cvss 9.8epss 0.01

    llama.cpp is an inference of several LLM models in C/C++. Prior to version b8492, the RPC backend's deserialize_tensor() skips all bounds validation when a tensor's buffer field is 0. An unauthenticated attacker can read and write arbitrary process memory via crafted…

  • CVE-2024-23605HigFeb 26, 2024
    risk 0.57cvss 8.8epss 0.01

    A heap-based buffer overflow vulnerability exists in the GGUF library header.n_kv functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.

  • CVE-2024-23496HigFeb 26, 2024
    risk 0.57cvss 8.8epss 0.01

    A heap-based buffer overflow vulnerability exists in the GGUF library gguf_fread_str functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.

  • CVE-2024-21836HigFeb 26, 2024
    risk 0.57cvss 8.8epss 0.01

    A heap-based buffer overflow vulnerability exists in the GGUF library header.n_tensors functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.

  • CVE-2024-21825HigFeb 26, 2024
    risk 0.57cvss 8.8epss 0.01

    A heap-based buffer overflow vulnerability exists in the GGUF library GGUF_TYPE_ARRAY/GGUF_TYPE_STRING parsing functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this…

  • CVE-2024-21802HigFeb 26, 2024
    risk 0.57cvss 8.8epss 0.01

    A heap-based buffer overflow vulnerability exists in the GGUF library info->ne functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.

  • CVE-2025-53630HigJul 10, 2025
    risk 0.51cvss epss 0.00

    llama.cpp is an inference of several LLM models in C/C++. Integer Overflow in the gguf_init_from_file_impl function in ggml/src/gguf.cpp can lead to Heap Out-of-Bounds Read/Write. This vulnerability is fixed in commit 26a48ad699d50b6268900062661bd22f3e792579.

  • CVE-2026-33298HigMar 24, 2026
    risk 0.44cvss 7.8epss 0.00

    llama.cpp is an inference of several LLM models in C/C++. Prior to b7824, an integer overflow vulnerability in the `ggml_nbytes` function allows an attacker to bypass memory validation by crafting a GGUF file with specific tensor dimensions. This causes `ggml_nbytes` to return a…

  • CVE-2026-27940HigMar 12, 2026
    risk 0.44cvss 7.8epss 0.00

    llama.cpp is an inference of several LLM models in C/C++. Prior to b8146, the gguf_init_from_file_impl() in gguf.cpp is vulnerable to an Integer overflow, leading to an undersized heap allocation. Using the subsequent fread() writes 528+ bytes of attacker-controlled data past…

  • CVE-2024-42478MedAug 12, 2024
    risk 0.27cvss 5.3epss 0.01

    llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer member in the `rpc_tensor` structure can cause arbitrary address reading. This vulnerability is fixed in b3561.

  • CVE-2024-42477MedAug 12, 2024
    risk 0.27cvss 5.3epss 0.00

    llama.cpp provides LLM inference in C/C++. The unsafe `type` member in the `rpc_tensor` structure can cause `global-buffer-overflow`. This vulnerability may lead to memory data leakage. The vulnerability is fixed in b3561.

  • CVE-2026-2069LowFeb 6, 2026
    risk 0.21cvss 3.3epss 0.00

    A flaw has been found in ggml-org llama.cpp up to 55abc39. Impacted is the function llama_grammar_advance_stack of the file llama.cpp/src/llama-grammar.cpp of the component GBNF Grammar Handler. This manipulation causes stack-based buffer overflow. The attack needs to be…

  • CVE-2026-21869Jan 7, 2026
    risk 0.00cvss epss 0.00

    llama.cpp is an inference of several LLM models in C/C++. In commits 55d4206c8 and prior, the n_discard parameter is parsed directly from JSON input in the llama.cpp server's completion endpoints without validation to ensure it's non-negative. When a negative value is supplied…

  • CVE-2025-52566Jun 24, 2025
    risk 0.00cvss epss 0.00

    llama.cpp is an inference of several LLM models in C/C++. Prior to version b5721, there is a signed vs. unsigned integer overflow in llama.cpp's tokenizer implementation (llama_vocab::tokenize) (src/llama-vocab.cpp:3036) resulting in unintended behavior in tokens copying size…

  • CVE-2025-49847Jun 17, 2025
    risk 0.00cvss epss 0.00

    llama.cpp is an inference of several LLM models in C/C++. Prior to version b5662, an attacker‐supplied GGUF model vocabulary can trigger a buffer overflow in llama.cpp’s vocabulary‐loading code. Specifically, the helper _try_copy in llama.cpp/src/vocab.cpp:…