CVE-2026-2069 | ggml-org llama.cpp up to 55abc39 GBNF Grammar llama-grammar.cpp llama_grammar_advance_stack stack-based overflow (Issue 18988 / ID 18993)

Inserito da Angelo Barbosa | Feb 6, 2026 | CVE

A vulnerability marked as critical has been reported in ggml-org llama.cpp up to 55abc39. Impacted is the function llama_grammar_advance_stack of the file llama.cpp/src/llama-grammar.cpp of the component GBNF Grammar Handler. This manipulation causes stack-based buffer overflow.

This vulnerability is registered as CVE-2026-2069. The attack needs to be launched locally. Furthermore, an exploit is available.

To fix this issue, it is recommended to deploy a patch.

CVE-2026-2069 | ggml-org llama.cpp up to 55abc39 GBNF Grammar llama-grammar.cpp llama_grammar_advance_stack stack-based overflow (Issue 18988 / ID 18993)

Post correlati

CVE-2025-5164 | PerfreeBlog 4.0.11 JWT JwtUtil hard-coded key

CVE-2025-24290 | Ubiquiti UISP Application up to 2.4.206 sql injection

CVE-2026-1785 | Code Snippets Plugin up to 3.9.4 on WordPress Cloud_Search_List_Table cross-site request forgery

CVE-2024-45717 | SolarWinds Platform up to 2024.4 Search/Node Information Section cross site scripting