CVE-2025-53630
Description
llama.cpp is an inference of several LLM models in C/C++. Integer Overflow in the gguf_init_from_file_impl function in ggml/src/gguf.cpp can lead to Heap Out-of-Bounds Read/Write. This vulnerability is fixed in commit 26a48ad699d50b6268900062661bd22f3e792579.
Weakness Type (CWE)
References
Frequently Asked Questions
What is CVE-2025-53630? +
How do I check if I'm vulnerable to CVE-2025-53630? +
Related Vulnerabilities
vifm is vulnerable to a heap buffer overflow during the history merge process when saving the state file (vifminfo.json). This …
A heap-based buffer overflow vulnerability exists in XML parser functionality in the HiDraw. An authenticated malicious user with local access …
A type confusion vulnerability in Qt SVG allows an attacker to cause an application crash via a crafted SVG image. …
Heap-based Buffer Overflow vulnerability in iniparser_dumpsection_ini() in iniparser allows attacker to read out of bound memory
There is a Heap-based Buffer Overflow vulnerability in QTextMarkdownImporter. This requires an incorrectly formatted markdown file to be passed to …
z2d is a pure Zig 2D graphics library. Versions of z2d after `0.5.1` and up to and including `0.6.0`, when …