CVE-2025-53630 | ggml-org llama.cpp ggml/src/gguf.cpp gguf_init_from_file_impl heap-based overflow (Nessus ID 270267 / WID-SEC-2025-1747)
A vulnerability classified as critical has been found in ggml-org llama.cpp. The affected element is the function gguf_init_from_file_impl in the file ggml/src/gguf.cpp. Manipulation results in a heap-based buffer overflow.
This vulnerability is cataloged as CVE-2025-53630. It is possible to initiate the attack remotely. There is no exploit available.
To fix this issue, it is recommended to deploy a patch.