{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-07T20:32:49.691","vulnerabilities":[{"cve":{"id":"CVE-2026-27940","sourceIdentifier":"security-advisories@github.com","published":"2026-03-12T17:16:49.920","lastModified":"2026-04-28T21:27:02.260","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"llama.cpp is an inference of several LLM models in C/C++. Prior to b8146, the gguf_init_from_file_impl() in gguf.cpp is vulnerable to an Integer overflow, leading to an undersized heap allocation. Using the subsequent fread() writes 528+ bytes of attacker-controlled data past the buffer boundary. This is a bypass of a similar bug in the same file - CVE-2025-53630, but the fix overlooked some areas. This vulnerability is fixed in b8146."},{"lang":"es","value":"llama.cpp es una inferencia de varios modelos LLM en C/C++. Antes de b8146, la gguf_init_from_file_impl() en gguf.cpp es vulnerable a un desbordamiento de entero, lo que lleva a una asignación de memoria heap de tamaño insuficiente. El uso de la posterior fread() escribe más de 528 bytes de datos controlados por el atacante más allá del límite del búfer. Esto es un bypass de un error similar en el mismo archivo - CVE-2025-53630, pero la corrección pasó por alto algunas áreas. Esta vulnerabilidad está corregida en b8146."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-122"},{"lang":"en","value":"CWE-190"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ggml:llama.cpp:*:*:*:*:*:*:*:*","versionEndExcluding":"b8146","matchCriteriaId":"4948FEA7-D4C9-48A1-BF6A-5A17D230E9D7"}]}]}],"references":[{"url":"https://github.com/ggml-org/llama.cpp/security/advisories/GHSA-3p4r-fq3f-q74v","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]}]}}]}