| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-34159 | llama.cpp: Unauthenticated RCE via GRAPH_COMPUTE buffer=0 bypass in llama.cpp RPC backend | ggml-org | llama.cpp | Critical | 9.8 | 2026-04-01 17:00:00 | Deep Dive |
| CVE-2026-33298 | llama.cpp has a Heap Buffer Overflow via Integer Overflow in GGUF Tensor Parsing | ggml-org | llama.cpp | High | 7.8 | 2026-03-24 00:01:41 | Deep Dive |
| CVE-2026-27940 | llama.cpp has a Heap Buffer Overflow via Integer Overflow in `mem_size` Calculation — Bypass of CVE-2025-53630 Fix | ggml-org | llama.cpp | High | 7.8 | 2026-03-12 16:39:37 | Deep Dive |
| CVE-2026-2069 | ggml-org llama.cpp GBNF Grammar llama-grammar.cpp llama_grammar_advance_stack stack-based overflow | ggml-org | llama.cpp | Low | 3.3 | 2026-02-06 22:02:09 | Deep Dive |
| CVE-2026-21869 | llama.cpp has Out-of-bounds Write in llama-server | ggml-org | llama.cpp | High | 8.8 | 2026-01-07 23:38:00 | Deep Dive |
| CVE-2025-14569 | ggml-org whisper.cpp common-whisper.cpp read_audio_data use after free | ggml-org | whisper.cpp | Medium | 5.3 | 2025-12-12 18:02:09 | Deep Dive |
| CVE-2025-53630 | Integer Overflow in GGUF Parser can lead to Heap Out-of-Bounds Read/Write in gguf | ggml-org | llama.cpp | - | - | 2025-07-10 19:32:45 | Deep Dive |
| CVE-2025-52566 | llama.cpp tokenizer signed vs. unsigned heap overflow | ggml-org | llama.cpp | High | 8.6 | 2025-06-24 03:21:19 | Deep Dive |
| CVE-2025-49847 | llama.cpp Vulnerable to Buffer Overflow via Malicious GGUF Model | ggml-org | llama.cpp | High | 8.8 | 2025-06-17 20:04:41 | Deep Dive |