PT-2026-27272 · Llama.Cpp · Llama.Cpp

Alexanderkent · Published 2026-03-24 · Updated 2026-04-30 · CVE-2026-33298

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: llama.cpp versions prior to b7824
Description: The software is susceptible to an integer overflow in the ggml_nbytes function. This allows an attacker to bypass memory validation by creating a specially crafted GGUF file with specific tensor dimensions. The ggml_nbytes function returns a significantly smaller size than required, leading to a heap-based buffer overflow when the application processes the tensor. This can result in potential Remote Code Execution (RCE) through memory corruption.
Recommendations: Update to version b7824 or later.
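
The bug class described above, shown as an added example on a simplified model (this is not code from llama.cpp or ggml): a size computed by wrapping multiplication passes a bounds check that an overflow-checked computation rejects. The function names, the 4-dimension layout and the sample values are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

#define MAX_DIMS 4  /* assumption: a tensor has up to 4 dimensions */

/* Wrapping size computation: the product is reduced modulo 2^64. */
static uint64_t nbytes_unchecked(const int64_t ne[MAX_DIMS], uint64_t elem_size) {
    uint64_t n = elem_size;
    for (int i = 0; i < MAX_DIMS; i++) n *= (uint64_t)ne[i];
    return n;
}

/* Checked size computation: fails instead of wrapping. */
static bool nbytes_checked(const int64_t ne[MAX_DIMS], uint64_t elem_size, uint64_t *out) {
    uint64_t n = elem_size;
    for (int i = 0; i < MAX_DIMS; i++) {
        if (ne[i] < 0) return false;                     /* negative dimension */
        uint64_t d = (uint64_t)ne[i];
        if (d != 0 && n > UINT64_MAX / d) return false;  /* n * d would overflow */
        n *= d;
    }
    *out = n;
    return true;
}

/* Loader-side validation: tensor data must fit in the bytes left in the file. */
static bool tensor_fits_unchecked(const int64_t ne[MAX_DIMS], uint64_t elem_size, uint64_t avail) {
    return nbytes_unchecked(ne, elem_size) <= avail;
}

static bool tensor_fits_checked(const int64_t ne[MAX_DIMS], uint64_t elem_size, uint64_t avail) {
    uint64_t n;
    return nbytes_checked(ne, elem_size, &n) && n <= avail;
}

/* Constructed sample: (2^62 + 1) * 4 elements of 4 bytes, true size 2^66 + 16. */
static const int64_t SAMPLE_NE[MAX_DIMS] = { ((int64_t)1 << 62) + 1, 4, 1, 1 };

int main(void) {
    uint64_t avail = 1024; /* constructed: bytes remaining in the file */
    printf("unchecked size: %llu\n", (unsigned long long)nbytes_unchecked(SAMPLE_NE, 4));
    printf("unchecked validation passes: %d\n", tensor_fits_unchecked(SAMPLE_NE, 4, avail));
    printf("checked validation passes:   %d\n", tensor_fits_checked(SAMPLE_NE, 4, avail));
    return 0;
}
```

The same check belongs wherever a size derived from file-supplied dimensions feeds an allocation or a bounds comparison.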

Exploit

Fix

RCE

Heap Based Buffer Overflow

Integer Overflow

Weakness Enumeration

Related Identifiers

CVE-2026-33298
GHSA-96JG-MVHQ-Q7Q7

Affected Products

Llama.Cpp