CVE-2025-53630
published 2025-07-10CVE-2025-53630: llama.cpp is an inference of several LLM models in C/C++. Integer Overflow in the gguf_init_from_file_impl function in ggml/src/gguf.cpp can lead to Heap…
PriorityP344high8.9CVSS 4.0
AVNACLATNPRNUINVCHVIHVAHSCNSINSANEPCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
EPSS
0.32%
23.5th percentile
llama.cpp is an inference of several LLM models in C/C++. Integer Overflow in the gguf_init_from_file_impl function in ggml/src/gguf.cpp can lead to Heap Out-of-Bounds Read/Write. This vulnerability is fixed in commit 26a48ad699d50b6268900062661bd22f3e792579.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | ggml | < ggml 0.0~git20250711.b6d2ebd-1 (sid) | ggml 0.0~git20250711.b6d2ebd-1 (sid) |
| debian | llama.cpp | < ggml 0.0~git20250711.b6d2ebd-1 (sid) | ggml 0.0~git20250711.b6d2ebd-1 (sid) |
| debian | llama.cpp | < llama.cpp 8461+dfsg-1 (sid) | llama.cpp 8461+dfsg-1 (sid) |
| ggml-org | llama.cpp | < b8146 | b8146 |
| ggml | llama.cpp | < b8146 | b8146 |
| llama.cpp | llama.cpp | >= 0 < 5882+dfsg-1 | 5882+dfsg-1 |
CVSS provenance
nvdv4.08.9HIGHCVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
osv8.9HIGH
vendor_debian8.9HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2026-27940: llama.cpp - llama.cpp is an inference of several LLM models in C/C++. Prior to b8146, the gg...
vendor_debian·2026·CVSS 8.9
CVE-2026-27940 [HIGH] CVE-2026-27940: llama.cpp - llama.cpp is an inference of several LLM models in C/C++. Prior to b8146, the gg...
llama.cpp is an inference of several LLM models in C/C++. Prior to b8146, the gguf_init_from_file_impl() in gguf.cpp is vulnerable to an Integer overflow, leading to an undersized heap allocation. Using the subsequent fread() writes 528+ bytes of attacker-controlled data past the buffer boundary. This is a bypass of a similar bug in the same file - CVE-2025-53630, but the fix overlooked some areas. This vulnerability is fixed in b8146.
Scope: local
sid: resolved (fixed in 8461+dfsg-1)
Debian
CVE-2025-53630: ggml - llama.cpp is an inference of several LLM models in C/C++. Integer Overflow in th...
vendor_debian·2025·CVSS 8.9
CVE-2025-53630 [HIGH] CVE-2025-53630: ggml - llama.cpp is an inference of several LLM models in C/C++. Integer Overflow in th...
llama.cpp is an inference of several LLM models in C/C++. Integer Overflow in the gguf_init_from_file_impl function in ggml/src/gguf.cpp can lead to Heap Out-of-Bounds Read/Write. This vulnerability is fixed in commit 26a48ad699d50b6268900062661bd22f3e792579.
Scope: local
sid: resolved (fixed in 0.0~git20250711.b6d2ebd-1)
OSV
CVE-2026-27940: llama
osv·2026-03-12·CVSS 8.9
CVE-2026-27940 [HIGH] CVE-2026-27940: llama
llama.cpp is an inference of several LLM models in C/C++. Prior to b8146, the gguf_init_from_file_impl() in gguf.cpp is vulnerable to an Integer overflow, leading to an undersized heap allocation. Using the subsequent fread() writes 528+ bytes of attacker-controlled data past the buffer boundary. This is a bypass of a similar bug in the same file - CVE-2025-53630, but the fix overlooked some areas. This vulnerability is fixed in b8146.
OSV
CVE-2025-53630: llama
osv·2025-07-10·CVSS 8.9
CVE-2025-53630 [HIGH] CVE-2025-53630: llama
llama.cpp is an inference of several LLM models in C/C++. Integer Overflow in the gguf_init_from_file_impl function in ggml/src/gguf.cpp can lead to Heap Out-of-Bounds Read/Write. This vulnerability is fixed in commit 26a48ad699d50b6268900062661bd22f3e792579.
No detection rules found.
No public exploits indexed.
2025-07-10
Published