LLM models in C/C++ may write data outside allocated space

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.8

LLM models in C/C++ may write data outside allocated space

CVE-2026-27940

Summary

Some C/C++ code that handles large language model (LLM) models has a bug that could allow an attacker to write data to memory outside the intended space. This could lead to security issues, but it's been fixed in a recent update. To stay secure, make sure you're running the latest version of the affected software.

Original title

Original description

llama.cpp is an inference of several LLM models in C/C++. Prior to b8146, the gguf_init_from_file_impl() in gguf.cpp is vulnerable to an Integer overflow, leading to an undersized heap allocation. Using the subsequent fread() writes 528+ bytes of attacker-controlled data past the buffer boundary. This is a bypass of a similar bug in the same file - CVE-2025-53630, but the fix overlooked some areas. This vulnerability is fixed in b8146.

nvd CVSS3.1 7.8

Vulnerability type

CWE-122 Heap-based Buffer Overflow

CWE-190 Integer Overflow

https://github.com/ggml-org/llama.cpp/security/advisories/GHSA-3p4r-fq3f-q74v

Published: 12 Mar 2026 · Updated: 14 Mar 2026 · First seen: 12 Mar 2026