{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-27940", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-02-25T03:11:36.689Z", "datePublished": "2026-03-12T16:39:37.463Z", "dateUpdated": "2026-03-14T03:55:24.463Z"}, "containers": {"cna": {"title": "llama.cpp has a Heap Buffer Overflow via Integer Overflow in `mem_size` Calculation \u2014 Bypass of CVE-2025-53630 Fix", "problemTypes": [{"descriptions": [{"cweId": "CWE-122", "lang": "en", "description": "CWE-122: Heap-based Buffer Overflow", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-190", "lang": "en", "description": "CWE-190: Integer Overflow or Wraparound", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/ggml-org/llama.cpp/security/advisories/GHSA-3p4r-fq3f-q74v", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/ggml-org/llama.cpp/security/advisories/GHSA-3p4r-fq3f-q74v"}], "affected": [{"vendor": "ggml-org", "product": "llama.cpp", "versions": [{"version": "< b8146", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-12T16:39:37.463Z"}, "descriptions": [{"lang": "en", "value": "llama.cpp is an inference of several LLM models in C/C++. Prior to b8146, the gguf_init_from_file_impl() in gguf.cpp is vulnerable to an Integer overflow, leading to an undersized heap allocation. Using the subsequent fread() writes 528+ bytes of attacker-controlled data past the buffer boundary. This is a bypass of a similar bug in the same file - CVE-2025-53630, but the fix overlooked some areas. This vulnerability is fixed in b8146."}], "source": {"advisory": "GHSA-3p4r-fq3f-q74v", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-12T00:00:00+00:00", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2026-27940"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-14T03:55:24.463Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-27940", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-12T20:21:58.495167Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-12T20:33:45.889Z"}}], "cna": {"title": "llama.cpp has a Heap Buffer Overflow via Integer Overflow in `mem_size` Calculation \u2014 Bypass of CVE-2025-53630 Fix", "source": {"advisory": "GHSA-3p4r-fq3f-q74v", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "ggml-org", "product": "llama.cpp", "versions": [{"status": "affected", "version": "< b8146"}]}], "references": [{"url": "https://github.com/ggml-org/llama.cpp/security/advisories/GHSA-3p4r-fq3f-q74v", "name": "https://github.com/ggml-org/llama.cpp/security/advisories/GHSA-3p4r-fq3f-q74v", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "llama.cpp is an inference of several LLM models in C/C++. Prior to b8146, the gguf_init_from_file_impl() in gguf.cpp is vulnerable to an Integer overflow, leading to an undersized heap allocation. Using the subsequent fread() writes 528+ bytes of attacker-controlled data past the buffer boundary. This is a bypass of a similar bug in the same file - CVE-2025-53630, but the fix overlooked some areas. This vulnerability is fixed in b8146."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-190", "description": "CWE-190: Integer Overflow or Wraparound"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-12T16:39:37.463Z"}}}, "cveMetadata": {"cveId": "CVE-2026-27940", "state": "PUBLISHED", "dateUpdated": "2026-03-14T03:55:24.463Z", "dateReserved": "2026-02-25T03:11:36.689Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-12T16:39:37.463Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ggml:llama.cpp:*:*:*:*:*:*:*:*", "matchCriteriaId": "4948FEA7-D4C9-48A1-BF6A-5A17D230E9D7", "versionEndExcluding": "b8146", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "llama.cpp is an inference of several LLM models in C/C++. Prior to b8146, the gguf_init_from_file_impl() in gguf.cpp is vulnerable to an Integer overflow, leading to an undersized heap allocation. Using the subsequent fread() writes 528+ bytes of attacker-controlled data past the buffer boundary. This is a bypass of a similar bug in the same file - CVE-2025-53630, but the fix overlooked some areas. This vulnerability is fixed in b8146."}, {"lang": "es", "value": "llama.cpp es una inferencia de varios modelos LLM en C/C++. Antes de b8146, la gguf_init_from_file_impl() en gguf.cpp es vulnerable a un desbordamiento de entero, lo que lleva a una asignaci\u00f3n de memoria heap de tama\u00f1o insuficiente. El uso de la posterior fread() escribe m\u00e1s de 528 bytes de datos controlados por el atacante m\u00e1s all\u00e1 del l\u00edmite del b\u00fafer. Esto es un bypass de un error similar en el mismo archivo - CVE-2025-53630, pero la correcci\u00f3n pas\u00f3 por alto algunas \u00e1reas. Esta vulnerabilidad est\u00e1 corregida en b8146."}], "id": "CVE-2026-27940", "lastModified": "2026-04-28T21:27:02.260", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-12T17:16:49.920", "references": [{"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/ggml-org/llama.cpp/security/advisories/GHSA-3p4r-fq3f-q74v"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-122"}, {"lang": "en", "value": "CWE-190"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,b8146)"}}], "enrichment": {"confidence": 88.0, "confidence_source": "matching", "scores": [{"score": 88.0, "source": "matching"}]}, "original": {"product": "llama.cpp", "source": "cna", "vendor": "ggml-org"}, "product": "llama.cpp", "vendor": "ggml"}], "analysis": {"en": {"generated_at": "2026-03-18T14:58:57.711407+00:00", "value": {"mitigation_remediation": ["Apply the llama.cpp patch corresponding to commit b8146 or later", "Verify the applied update by checking the commit hash provided by the vendor", "If an immediate update is not possible, restrict the application to loading only trusted, signed model files from secure sources"], "summary": {"action": "Immediate Patch", "impact": "Arbitrary Code Execution"}, "threat_synthesis": {"affected_systems": "Affected versions of the ggml-org:llama.cpp library are all releases prior to the commit identifier b8146, which contains the fix referred to in the CVE description. No specific version numbers are listed, so any build of llama.cpp compiled before b8146 is considered vulnerable.", "description_and_impact": "The vulnerability in llama.cpp causes a heap buffer overflow due to an integer overflow in the calculation of `mem_size` inside gguf_init_from_file_impl() in gguf.cpp. The overflow results in an undersized heap allocation; subsequently, fread() writes 528+ bytes of attacker-controlled data past the buffer boundary. This is a classic heap-based buffer overflow (CWE-122) triggered by an integer overflow (CWE-190) and can potentially allow an attacker to corrupt memory or execute arbitrary code.", "risk_and_exploitability": "The CVSS score for this issue is 7.8, indicating a high severity. EPSS is reported as less than 1\u202f%, suggesting a low likelihood of exploitation at present, and the vulnerability is not listed in the CISA KEV catalog. Because the flaw is triggered when a malicious .gguf file is loaded, an attacker would need the ability to supply such a file to the application, implying a local or compromised-host attack vector. If executed, the overflow could lead to remote code execution through the compromised process."}}}}, "created": "2026-03-13T09:51:05.463112+00:00", "updated": "2026-03-20T15:48:58.187924+00:00", "vendors": ["ggml", "ggml$PRODUCT$llama.cpp"]}