Security: ggml-org/llama.cpp
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
- Tokenizer signed vs. unsigned heap overflow (GHSA-7rxv-5jhh-j6xx), published Jun 23, 2025 by ggerganov. Severity: High
- Heap-based Buffer Over-read in llama_model_load (GHSA-g4cc-763q-h9h6), published Jun 25, 2025 by ggerganov. Severity: Moderate
- Buffer Overflow in llama.cpp via Malicious GGUF Model – Exploitable via Vocabulary Loading (`llama_vocab::impl::token_to_piece`) (GHSA-8wwf-w4qm-gpqr), published Jun 14, 2025 by ggerganov. Severity: High
- Write-what-where in rpc_server::set_tensor (GHSA-wcr5-566p-9cwj), published Aug 12, 2024 by ggerganov. Severity: Critical
- Arbitrary Address Read in rpc_server::get_tensor (GHSA-5vm9-p64x-gqw9), published Aug 12, 2024 by ggerganov. Severity: Moderate
- global-buffer-overflow in ggml_type_size (GHSA-mqp6-7pv6-fqjf), published Aug 12, 2024 by ggerganov. Severity: Moderate
- Null pointer dereference in gguf_init_from_file (GHSA-49q7-2jmh-92fp), published Jul 22, 2024 by ggerganov. Severity: Moderate
- Use of Uninitialized Variable Vulnerability in gguf_init_from_file (GHSA-p5mv-gjc5-mwqv), published Apr 26, 2024 by ggerganov. Severity: High