CVE-2025-14569 | ggml-org whisper.cpp up to 1.8.2 common-whisper.cpp read_audio_data use after free (Issue 3501)

Inserito da Angelo Barbosa | Dic 12, 2025 | CVE

A vulnerability labeled as critical has been found in ggml-org whisper.cpp up to 1.8.2. Affected is the function read_audio_data of the file /whisper.cpp/examples/common-whisper.cpp. The manipulation results in use after free.

This vulnerability is reported as CVE-2025-14569. The attack requires a local approach. Moreover, an exploit is present.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2025-14569 | ggml-org whisper.cpp up to 1.8.2 common-whisper.cpp read_audio_data use after free (Issue 3501)

Post correlati

CVE-2024-1842 | WPBakery Visual Composer Plugin up to 7.5 on WordPress Custom Heading Tag Attribute cross site scripting

CVE-2023-52337 | Trend Micro Deep Security access control

CVE-2024-11436 | Drag & Drop Builder Plugin up to 1.4.19 on WordPress cross site scripting

CVE-2025-14222 | code-projects Employee Profile Management System 1.0 print_personnel_report.php per_id sql injection