CNNVD-202602-936 Information
CNNVD ID
CNNVD-202602-936
Related CVE
- CNNVD Published: 2026-02-06
Description (Chinese)
llama.cpp是Georgi Gerganov个人开发者的一个多模态模型。 llama.cpp 55abc39及之前版本存在安全漏洞,该漏洞源于GBNF语法处理程序存在栈缓冲区溢出。
Description (English)
llama.cpp is a multi-modular model of Georgi Gerganov’s personal developer. llama.cpp 55abc39 and previous versions had a security loophole, which stemmed from the spilling of the GBNF syntax processing process in the buffer zone.
Hazard Level
Critical
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2026-02-06
Last Modified
2026-02-24
References
https://github.com/ggml-org/llama.cpp/ https://github.com/ggml-org/llama.cpp/issues/18988 https://github.com/ggml-org/llama.cpp/issues/18988#event-4426704865 https://github.com/ggml-org/llama.cpp/pull/18993 https://github.com/user-attachments/files/24761101/poc.zip https://vuldb.com/?ctiid.344636 https://vuldb.com/?id.344636 https://vuldb.com/?submit.745263 https://access.redhat.com/security/cve/cve-2026-2069
Patch
https://github.com/ggml-org/llama.cpp/releases
Share on: