Signed vs. Unsigned Integer Overflow in Llama.cpp by GGML
CVE-2025-52566

8.6 HIGH

Key Information:

Vendor: Ggml-org

CVE Published: 24 June 2025

What is CVE-2025-52566?

Llama.cpp, an inference engine for various large language models, is affected by a signed vs. unsigned integer overflow in its tokenizer. The vulnerability is in the tokenize method of llama_vocab, specifically in how it handles token size comparisons. If exploited, attackers can manipulate text inputs to induce heap overflows during the tokenization process, potentially leading to unintended software behavior. The issue has been patched in version b5721; users should update to that version or later.
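The class of size-comparison bug described above, as an added illustration in C. This is not llama.cpp source: the function names, the narrowing cast shown in the flawed check, and the sample counts are assumptions constructed for the example.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical names throughout; not taken from llama.cpp. */

/* Flawed capacity check: the unsigned count is narrowed to int before the
 * comparison. A count above INT_MAX becomes negative on common ABIs, so
 * "capacity < count" is false and a copy that follows would proceed. */
static int fits_flawed(size_t n_produced, int n_tokens_max) {
    if (n_tokens_max < (int) n_produced) {
        return 0;               /* rejected: caller's buffer is too small */
    }
    return 1;                   /* accepted */
}

/* Hardened check: reject negative capacities, then compare in the unsigned
 * domain so that no narrowing conversion takes place. */
static int fits_checked(size_t n_produced, int n_tokens_max) {
    if (n_tokens_max < 0) {
        return 0;
    }
    return n_produced <= (size_t) n_tokens_max;
}

/* Copy helper built on the hardened check; returns tokens copied or -1. */
static long copy_tokens(int32_t *dst, int n_tokens_max,
                        const int32_t *src, size_t n_produced) {
    if (!fits_checked(n_produced, n_tokens_max)) {
        return -1;
    }
    memcpy(dst, src, n_produced * sizeof *src);
    return (long) n_produced;
}

int main(void) {
    /* Constructed count just past INT_MAX; nothing this large is allocated. */
    size_t huge = (size_t) INT_MAX + 1;
    int32_t src[3] = {1, 2, 3}, dst[2] = {0, 0};

    printf("flawed check accepts oversized count:  %d\n", fits_flawed(huge, 8));
    printf("checked check accepts oversized count: %d\n", fits_checked(huge, 8));
    printf("copy of 3 tokens into 2 slots returns: %ld\n",
           copy_tokens(dst, 2, src, 3));
    return 0;
}
```

Compiler warnings such as -Wsign-compare and -Wconversion help flag mixed signed/unsigned comparisons of this kind during review.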

Affected Version(s)

llama.cpp < b5721

CVSS V3.1

Score: 8.6
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved
