CVE-2026-27940

HIGH

llama.cpp <b8146 - Memory Corruption

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-27940. PoCs published by ngtuonghung.

AI-analyzed exploit summary The repository contains only a README.md file with a CVE title and no additional content, technical details, or exploit code. It is a placeholder with minimal information.

Description

llama.cpp is an inference of several LLM models in C/C++. Prior to b8146, the gguf_init_from_file_impl() in gguf.cpp is vulnerable to an Integer overflow, leading to an undersized heap allocation. Using the subsequent fread() writes 528+ bytes of attacker-controlled data past the buffer boundary. This is a bypass of a similar bug in the same file - CVE-2025-53630, but the fix overlooked some areas. This vulnerability is fixed in b8146.

Exploits (1)

nomisec STUB

by ngtuonghung · poc

https://github.com/ngtuonghung/CVE-2026-27940

View Code ZIP pw:eip

The repository contains only a README.md file with a CVE title and no additional content, technical details, or exploit code. It is a placeholder with minimal information.

Classification

Stub 100%

Attack Type

Other

Complexity

Trivial

Reliability

Theoretical

Target: unknown

No auth needed

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Apr 09, 2026 Full analysis →

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

https://github.com/ggml-org/llama.cpp/security/advisories/GHSA-3p4r-fq3f-q74v

Scores

CVSS v3 7.8

EPSS 0.0018

EPSS Percentile 7.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-122 CWE-190

Status published

Products (1)

ggml/llama.cpp < b8146

Published Mar 12, 2026

Tracked Since Mar 13, 2026