Buffer Overflow Vulnerability in Llama.cpp Affects Multiple Large Language Models
CVE-2025-49847

8.8HIGH

Key Information:

Vendor: Ggml-org
Status: Llama.cpp
Vendor: CVE Published:; 17 June 2025

What is CVE-2025-49847?

The vulnerability in Llama.cpp stems from inadequate handling of attacker-supplied GGUF model vocabularies, allowing malicious actors to exploit buffer overflow vulnerabilities. In the affected versions, an oversized token length is improperly cast, resulting in bypassing critical length checks. This allows for unsafe memory copying operations that can lead to arbitrary memory corruption and possible code execution. Users are strongly advised to upgrade to version b5662 or later to mitigate these risks.

Affected Version(s)

llama.cpp < b5662

References

https://github.com/ggml-org/llama.cpp/security/advisories...

x_refsource_CONFIRM

https://github.com/ggml-org/llama.cpp/commit/3cfbbdb44e08...

x_refsource_MISC

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 17, 2025
Vulnerability Reserved
Jun 11, 2025

Ggml-org

What is CVE-2025-49847?

Affected Version(s)

References

CVSS V3.1

Timeline