CVE-2026-27940

high

Published 2026-03-12 · Modified 2026-04-28

💬 Discuss on Community ✚ Propose mitigation

CVSS v3

7.8

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v4 NEW

—

not yet in upstream

VIR risk

7.8

Description

llama.cpp is an inference of several LLM models in C/C++. Prior to b8146, the gguf_init_from_file_impl() in gguf.cpp is vulnerable to an Integer overflow, leading to an undersized heap allocation. Using the subsequent fread() writes 528+ bytes of attacker-controlled data past the buffer boundary. This is a bypass of a similar bug in the same file - CVE-2025-53630, but the fix overlooked some areas. This vulnerability is fixed in b8146.

Predictions

Exploit likelihood

75%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

Mitigation details

Source: Debian Security Tracker · View original ↗ · DFSG

CVE-2026-27940 NameCVE-2026-27940 Descriptionllama.cpp is an inference of several LLM models in C/C++. Prior to b8146, the gguf_init_from_file_impl() in gguf.cpp is vulnerable to an Integer overflow, leading to an undersized heap allocation. Using the subsequent fread() writes 528+ bytes of attacker-controlled data past the buffer boundary. This is a bypass of a similar bug in the same file -…

CVE-2026-27940

Name	CVE-2026-27940
Description	llama.cpp is an inference of several LLM models in C/C++. Prior to b8146, the gguf_init_from_file_impl() in gguf.cpp is vulnerable to an Integer overflow, leading to an undersized heap allocation. Using the subsequent fread() writes 528+ bytes of attacker-controlled data past the buffer boundary. This is a bypass of a similar bug in the same file - CVE-2025-53630, but the fix overlooked some areas. This vulnerability is fixed in b8146.
Source	CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
llama.cpp (PTS)	forky	8941+dfsg-1	fixed
	sid	9413+dfsg-1	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
llama.cpp	source	(unstable)	8461+dfsg-1

Notes

https://github.com/ggml-org/llama.cpp/security/advisories/GHSA-3p4r-fq3f-q74v

Home - Debian Security - Source (Git)

Apply commands

text fix

Notes

https://github.com/ggml-org/llama.cpp/security/advisories/GHSA-3p4r-fq3f-q74v

OS impact

Debian Fixed 2 releases

Version	Status	Fixed in
sid	Fixed	`8461+dfsg-1`
forky	Fixed	`8461+dfsg-1`

Application impact

Vendor	Product	Versions	Fixed
ggml	llama.cpp	`{"endExcluding":"b8146"}`	`b8146`

References

CWEs

CWE-122 CWE-190

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.