How to fix EUVD-2025-18632?

Within 24 hours: inventory all systems running llama.cpp and identify those in production or handling sensitive data; isolate affected systems from critical networks if patching cannot be completed immediately. Within 7 days: apply vendor patch to version b5662 or later across all affected systems; validate patches in test environments first. Within 30 days: conduct security audit of model sources and implement controls to restrict model loading to trusted, verified sources only; review access logs for suspicious model uploads or executions.

Is Llama.Cpp affected by EUVD-2025-18632?

A critical vulnerability in llama.cpp allows attackers to execute arbitrary code by crafting malicious AI model files, potentially compromising any system using this library for language model inference.

EUVD-2025-18632

| CVE-2025-49847 HIGH

2025-06-17 [email protected]

8.8

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 14, 2026 - 22:15 vuln.today

EUVD ID Assigned

Mar 14, 2026 - 22:15 euvd

EUVD-2025-18632

Patch Released

Mar 14, 2026 - 22:15 nvd

Patch available

CVE Published

Jun 17, 2025 - 20:15 nvd

HIGH 8.8

Description

llama.cpp is an inference of several LLM models in C/C++. Prior to version b5662, an attacker‐supplied GGUF model vocabulary can trigger a buffer overflow in llama.cpp’s vocabulary‐loading code. Specifically, the helper _try_copy in llama.cpp/src/vocab.cpp: llama_vocab::impl::token_to_piece() casts a very large size_t token length into an int32_t, causing the length check (if (length < (int32_t)size)) to be bypassed. As a result, memcpy is still called with that oversized size, letting a malicious model overwrite memory beyond the intended buffer. This can lead to arbitrary memory corruption and potential code execution. This issue has been patched in version b5662.

Analysis

A buffer overflow vulnerability in llama.cpp (CVSS 8.8). High severity vulnerability requiring prompt remediation. Vendor patch is available.

Technical Context

CWE-119 (Buffer Overflow). CVSS 8.8 indicates high severity. Affects llama.cpp.

Affected Products

['llama.cpp']

Remediation

Apply the vendor-supplied patch immediately. Consider network segmentation to limit exposure if patching is delayed.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.2

CVSS: +44

POC: 0

Vendor Status

Ubuntu

Priority: Medium

llama.cpp

Release	Status	Version
jammy	DNE	-
noble	DNE	-
oracular	DNE	-
plucky	DNE	-
upstream	needs-triage	-
questing	needs-triage	-

Debian

Bug #1108113

llama.cpp

Release	Status	Fixed Version	Urgency
sid	fixed	8064+dfsg-2	-
(unstable)	fixed	5713+dfsg-1	-

EUVD-2025-18632 vulnerability details – vuln.today

Back

EUVD-2025-18632

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Vendor Status

Ubuntu

Debian

Share

EUVD-2025-18632

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Vendor Status

Ubuntu

Debian

Share

External POC / Exploit Code