CVE-2026-2069

LOW 3.3

ggml-org llama.cpp GBNF Grammar llama-grammar.cpp llama_grammar_advance_stack stack-based overflow

CVSS Score

3.3

EPSS Score

0.0%

EPSS Percentile

0th

A flaw has been found in ggml-org llama.cpp up to 55abc39. Impacted is the function llama_grammar_advance_stack of the file llama.cpp/src/llama-grammar.cpp of the component GBNF Grammar Handler. This manipulation causes stack-based buffer overflow. The attack needs to be launched locally. The exploit has been published and may be used. Patch name: 18993. To fix this issue, it is recommended to deploy a patch.

CWE	CWE-121 CWE-119
Vendor	ggml-org
Product	llama.cpp
Published	Feb 6, 2026
Last Updated	Feb 23, 2026

Stay Ahead of the Next One

Get instant alerts for ggml-org llama.cpp

Be the first to know when new low vulnerabilities affecting ggml-org llama.cpp are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

ggml-org / llama.cpp

55abc39

References

NVD ↗ CVE.org ↗ EPSS Data ↗

vuldb.com: https://vuldb.com/?id.344636 vuldb.com: https://vuldb.com/?ctiid.344636 vuldb.com: https://vuldb.com/?submit.745263 github.com: https://github.com/ggml-org/llama.cpp/issues/18988 github.com: https://github.com/ggml-org/llama.cpp/issues/18988#event-4426704865 github.com: https://github.com/user-attachments/files/24761101/poc.zip github.com: https://github.com/ggml-org/llama.cpp/pull/18993 github.com: https://github.com/ggml-org/llama.cpp/

Credits

🔍 TYGLS (VulDB User)